Support patching installer manifests #2499

Open: wants to merge 1 commit into base: master

@2uasimojo (Member) commented Oct 23, 2024

With this change, you can use new API field ClusterDeployment.Spec.Provisioning.CustomizationRef to point to a ClusterDeploymentCustomization (hereinafter "CDC") object in the same namespace as the ClusterDeployment (CD).

ClusterDeploymentCustomizations:
CDC accepts a new subfield, Spec.InstallerManifestPatches, which consists of:

  • Glob: a string representing a file glob, relative to the installer working directory, matching one or more manifest files.
  • Patches: a list of PatchEntity representing RFC6902 JSON patches to apply to the matched manifest(s).

Also, I got really annoyed having to type out clusterdeploymentcustomizations on the CLI, so I added abbreviation cdc to the schema.

ClusterPools:
CDC was already being used by ClusterPool-owned CDs to allow patching the install-config generated from the template referred to by ClusterPool.Spec.InstallConfigSecretTemplateRef. With this change, ClusterPool-owned CDs can start using manifest patches in two ways (not mutually exclusive):

  • Patches specific to the CD can be included in the InstallerManifestPatches field of the existing Inventory CDCs.
  • Patches applicable to all CDs in the pool can be provided by a CDC referenced via a new ClusterPool.Spec.CustomizationRef field.

HIVE-1793

@2uasimojo marked this pull request as draft October 23, 2024 22:07
@openshift-ci bot added the do-not-merge/work-in-progress label (indicates that a PR should not merge because it is a work in progress) Oct 23, 2024
@openshift-ci bot requested review from jstuever and suhanime October 23, 2024 22:07
Contributor

openshift-ci bot commented Oct 23, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: 2uasimojo


@openshift-ci bot added the approved label (indicates a PR has been approved by an approver from all required OWNERS files) Oct 23, 2024
@2uasimojo
Member Author

/test e2e

@2uasimojo force-pushed the HIVE-1793/manifest-patch branch from 677edab to 6e54c52 October 28, 2024 22:21
@2uasimojo force-pushed the HIVE-1793/manifest-patch branch 2 times, most recently from 786df32 to 61ae998 November 9, 2024 23:12
@2uasimojo
Member Author

This is going well:

```
efried@efried-thinkpadp16vgen1:~/go/src/github.com/openshift/hive$ oc get cd efried416 -o yaml | yq r - spec.provisioning.customizationRef
name: mycdc
```

mycdc looks like:

```yaml
apiVersion: hive.openshift.io/v1
kind: ClusterDeploymentCustomization
metadata:
  name: mycdc
  namespace: efried
spec:
  installerManifestPatches:
  - manifestSelector:
      glob: cluster-api/*/*machine*.yaml
    patches:
    - op: add
      path: /metadata/labels
      valueJSON: |
        {"efried.openshift.io/foo": "bar"}
```

The installmanager logs include:

```
time="2024-11-09T23:44:50Z" level=info msg="Found 1 InstallerManifestPatch entries from ClusterDeployment.Spec.CustomizationRef mycdc" installID=qgwtrjmj
time="2024-11-09T23:44:50Z" level=info msg="manifest patch glob 0 (cluster-api/*/*machine*.yaml) matched 8 files" installID=qgwtrjmj
time="2024-11-09T23:44:50Z" level=info msg="patching manifest /output/cluster-api/machines/10_inframachine_efried416-ttb8s-bootstrap.yaml" installID=qgwtrjmj
time="2024-11-09T23:44:50Z" level=info msg="patching manifest /output/cluster-api/machines/10_inframachine_efried416-ttb8s-master-0.yaml" installID=qgwtrjmj
time="2024-11-09T23:44:50Z" level=info msg="patching manifest /output/cluster-api/machines/10_inframachine_efried416-ttb8s-master-1.yaml" installID=qgwtrjmj
time="2024-11-09T23:44:50Z" level=info msg="patching manifest /output/cluster-api/machines/10_inframachine_efried416-ttb8s-master-2.yaml" installID=qgwtrjmj
time="2024-11-09T23:44:50Z" level=info msg="patching manifest /output/cluster-api/machines/10_machine_efried416-ttb8s-bootstrap.yaml" installID=qgwtrjmj
time="2024-11-09T23:44:50Z" level=info msg="patching manifest /output/cluster-api/machines/10_machine_efried416-ttb8s-master-0.yaml" installID=qgwtrjmj
time="2024-11-09T23:44:50Z" level=info msg="patching manifest /output/cluster-api/machines/10_machine_efried416-ttb8s-master-1.yaml" installID=qgwtrjmj
time="2024-11-09T23:44:50Z" level=info msg="patching manifest /output/cluster-api/machines/10_machine_efried416-ttb8s-master-2.yaml" installID=qgwtrjmj
```

and a sample manifest in the in-progress provision pod was correctly patched:

```yaml
apiVersion: cluster.x-k8s.io/v1beta1
kind: Machine
metadata:
  creationTimestamp: null
  labels:
    efried.openshift.io/foo: bar    # <=== L@@K
  name: efried416-ttb8s-master-0
spec:
  bootstrap:
    dataSecretName: efried416-ttb8s-master
  clusterName: efried416-ttb8s
  infrastructureRef:
    apiVersion: infrastructure.cluster.x-k8s.io/v1beta2
    kind: AWSMachine
    name: efried416-ttb8s-master-0
status:
  bootstrapReady: false
  infrastructureReady: false
```
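
The sample patch in the comment above uses `op: add` on `/metadata/labels`; under RFC 6902, `add` on an object member that already exists replaces its value, while adding a single key beneath `labels` requires the `labels` object to exist. The following is an added illustration, not Hive's code or part of this PR, showing all three outcomes with a minimal stdlib-only `add`. Assumptions: `applyAdd`, `patchedLabels` and the JSON manifests are hypothetical and constructed for the example.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

type obj = map[string]interface{}

// applyAdd implements only RFC 6902 "add" on object members (no array indices).
func applyAdd(doc obj, pointer string, value interface{}) error {
	tokens := strings.Split(strings.TrimPrefix(pointer, "/"), "/")
	cur := doc
	for i, tok := range tokens {
		// RFC 6901 unescaping: "~1" becomes "/", then "~0" becomes "~".
		tok = strings.ReplaceAll(strings.ReplaceAll(tok, "~1", "/"), "~0", "~")
		if i == len(tokens)-1 {
			cur[tok] = value // an existing member is replaced, not merged
			break
		}
		next, ok := cur[tok].(obj)
		if !ok {
			return fmt.Errorf("parent object %q of %q does not exist", tok, pointer)
		}
		cur = next
	}
	return nil
}

// patchedLabels applies one add op to a JSON manifest and returns its labels.
func patchedLabels(manifest, pointer string, value interface{}) (obj, error) {
	var doc obj
	if err := json.Unmarshal([]byte(manifest), &doc); err != nil {
		return nil, err
	}
	if err := applyAdd(doc, pointer, value); err != nil {
		return nil, err
	}
	meta, _ := doc["metadata"].(obj)
	labels, _ := meta["labels"].(obj)
	return labels, nil
}

func main() {
	m := `{"metadata":{"name":"m0","labels":{"team":"infra"}}}` // constructed manifest
	fmt.Println(patchedLabels(m, "/metadata/labels", obj{"efried.openshift.io/foo": "bar"}))
	fmt.Println(patchedLabels(m, "/metadata/labels/efried.openshift.io~1foo", "bar"))
}
```

When a glob matches manifests that may already carry labels, the per-key path keeps them; the whole-object path is the one that works on manifests with no `labels` object at all.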

@2uasimojo
Member Author

I just need to test the clusterpool path (and maybe noodle how the error conditions manifest) and we'll be good to land this.

@2uasimojo
Member Author

/cc @abraverm

@openshift-ci bot requested a review from abraverm November 9, 2024 23:51
@abraverm
Contributor

In Clusterpool we do reservation of the CDC, should this mechanism somewhat migrate/copied to CD controller?

@2uasimojo
Member Author

2uasimojo commented Nov 11, 2024

> In Clusterpool we do reservation of the CDC, should this mechanism somewhat migrate/copied to CD controller?

For pool inventory, reserving CDCs makes sense because they're intended to enable exclusive/unique settings such as reserved IP addresses. And manifest-patching CDCs used for clusterpool inventory will still be subject to reservation as usual. But for this use case -- CDs' CustomizationRef-named CDCs -- I think we explicitly want manifest patching to be usable by multiple CDs without restriction. Does that make sense?

@2uasimojo force-pushed the HIVE-1793/manifest-patch branch 2 times, most recently from 4c36dc3 to ea46045 November 13, 2024 22:58
@2uasimojo marked this pull request as ready for review November 13, 2024 23:01
@openshift-ci bot removed the do-not-merge/work-in-progress label (indicates that a PR should not merge because it is a work in progress) Nov 13, 2024
@openshift-ci bot requested a review from dlom November 13, 2024 23:01

codecov bot commented Nov 14, 2024

Codecov Report

Attention: Patch coverage is 63.54167% with 70 lines in your changes missing coverage. Please review.

Project coverage is 49.85%. Comparing base (a428d21) to head (c8f29d8).

| Files with missing lines | Patch % | Lines |
| --- | --- | --- |
| pkg/installmanager/installmanager.go | 25.00% | 29 Missing and 1 partial ⚠️ |
| .../clusterdeployment/clusterdeployment_controller.go | 30.00% | 28 Missing ⚠️ |
| ...g/controller/clusterpool/clusterpool_controller.go | 74.46% | 11 Missing and 1 partial ⚠️ |

Additional details and impacted files


@@            Coverage Diff             @@
##           master    #2499      +/-   ##
==========================================
+ Coverage   49.79%   49.85%   +0.06%     
==========================================
  Files         281      281              
  Lines       33006    33173     +167     
==========================================
+ Hits        16435    16540     +105     
- Misses      15239    15300      +61     
- Partials     1332     1333       +1     

| Files with missing lines | Coverage Δ |
| --- | --- |
| pkg/controller/clusterpool/collections.go | 75.74% <100.00%> (+0.16%) ⬆️ |
| pkg/controller/utils/clusterdeployment.go | 77.48% <100.00%> (+6.05%) ⬆️ |
| pkg/controller/utils/sa.go | 67.90% <ø> (ø) |
| ...entcustomization/clusterdeploymentcustomization.go | 93.33% <100.00%> (+1.12%) ⬆️ |
| pkg/test/clusterpool/clusterpool.go | 95.23% <100.00%> (+0.18%) ⬆️ |
| ...shift/hive/apis/hive/v1/clusterdeployment_types.go | 0.00% <ø> (ø) |
| ...is/hive/v1/clusterdeploymentcustomization_types.go | 0.00% <ø> (ø) |
| ...m/openshift/hive/apis/hive/v1/clusterpool_types.go | 0.00% <ø> (ø) |
| ...g/controller/clusterpool/clusterpool_controller.go | 58.11% <74.46%> (+1.45%) ⬆️ |
| .../clusterdeployment/clusterdeployment_controller.go | 66.15% <30.00%> (-0.88%) ⬇️ |

... and 1 more

Member Author

@2uasimojo left a comment

Forgot to submit these queued up comments that came out of the live review we did on 11/19.

With this change, you can use new API field
`ClusterDeployment.Spec.Provisioning.CustomizationRef` to point to a
ClusterDeploymentCustomization (hereinafter "CDC") object in the same
namespace as the ClusterDeployment (CD).

ClusterDeploymentCustomizations:
CDC accepts a new subfield, `Spec.InstallerManifestPatches`, which
consists of:
- `Glob`: a string representing a file glob, relative to the installer
  working directory, matching one or more manifest files.
- `Patches`: a list of `PatchEntity` representing RFC6902 JSON patches
  to apply to the matched manifest(s).

Also, I got really annoyed having to type out
`clusterdeploymentcustomizations` on the CLI, so I added abbreviation
`cdc` to the schema.

ClusterPools:
CDC was already being used by ClusterPool-owned CDs to allow patching
the install-config generated from the template referred to by
`ClusterPool.Spec.InstallConfigSecretTemplateRef`. With this change,
ClusterPool-owned CDs can start using manifest patches in two ways (not
mutually exclusive):
- Patches specific to the CD can be included in the
  `InstallerManifestPatches` field of the existing Inventory CDCs.
- Patches applicable to all CDs in the pool can be provided by a CDC
  referenced via a new ClusterPool.Spec.CustomizationRef field.

HIVE-1793
@2uasimojo force-pushed the HIVE-1793/manifest-patch branch from 4239df0 to c8f29d8 January 6, 2025 20:31
Contributor

openshift-ci bot commented Jan 6, 2025

@2uasimojo: all tests passed!
