Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update precedence for schedule #677

Merged
merged 3 commits into from
Oct 24, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 10 additions & 3 deletions cmd/manager/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -91,13 +91,19 @@ func main() {
flag.StringVar(&cfg.Namespace, "namespace", cfg.Namespace, "Namespace where the CSIAddons pod is deployed")
flag.BoolVar(&enableAdmissionWebhooks, "enable-admission-webhooks", false, "[DEPRECATED] Enable the admission webhooks")
flag.BoolVar(&showVersion, "version", false, "Print Version details")
flag.StringVar(&cfg.SchedulePrecedence, "schedule-precedence", "", "The order of precedence in which schedule of reclaimspace and keyrotation is considered. Possible values are sc-only")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we have a validation for this one to ensure that only user is passing expected values?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In case of invalid values, we fall back to the default precedence (ignoring it). The new precedence is used only when the value is sc-only. You want to exit in case of invalid value (we do that in case of configmap)?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we need to validate and exit in the main.go or from where ever we are reading the value from the configmap, if we don't have the logs we will not get to know why it got skipped

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done

opts := zap.Options{
Development: true,
TimeEncoder: zapcore.ISO8601TimeEncoder,
}
opts.BindFlags(flag.CommandLine)
flag.Parse()

if cfg.SchedulePrecedence != "" && cfg.SchedulePrecedence != util.ScheduleSCOnly {
setupLog.Error(nil, "invalid value for schedule-precedence", "schedule-precedence", cfg.SchedulePrecedence)
os.Exit(1)
}

if showVersion {
version.PrintVersion()
return
Expand Down Expand Up @@ -180,9 +186,10 @@ func main() {
os.Exit(1)
}
if err = (&controllers.PersistentVolumeClaimReconciler{
Client: mgr.GetClient(),
Scheme: mgr.GetScheme(),
ConnPool: connPool,
Client: mgr.GetClient(),
Scheme: mgr.GetScheme(),
ConnPool: connPool,
SchedulePrecedence: cfg.SchedulePrecedence,
}).SetupWithManager(mgr, ctrlOptions); err != nil {
setupLog.Error(err, "unable to create controller", "controller", "PersistentVolumeClaim")
os.Exit(1)
Expand Down
10 changes: 10 additions & 0 deletions docs/encryptionkeyrotation.md
Original file line number Diff line number Diff line change
Expand Up @@ -147,3 +147,13 @@ over StorageClass annotation. The kubernetes-csi-addons only generate a `Encrypt
if the annotation exists on the StorageClass. If an admin needs to modify or delete the
annotation on the StorageClass, they must perform the same action on all the PersistentVolumeClaims
created from this StorageClass.

## Annotating EncrpytionKeyRotationCronJob

In cases where a certain `EncrpytionKeyRotationCronJob` is to have a different schedule that the one present
in Namespace, StorageClass or PersistentVolumeClaim annotations one could annotate the `EncryptionKeyRotationCronJob`
itself by adding the `csiaddons.openshift.io/state: "unmanaged"` annotation.

CSI Addons will not perform any further modifications on the `EncryptionKeyRotationCronJob` with the `unmanaged` state.

To have a custom schedule the user can then modify the `schedule` field of the `EncryptionKeyRotationCronJob` spec.
10 changes: 10 additions & 0 deletions docs/reclaimspace.md
Original file line number Diff line number Diff line change
Expand Up @@ -144,3 +144,13 @@ over StorageClass annotation. The kubernetes-csi-addons only generate a `Reclaim
if the annotation exists on the StorageClass. If an admin needs to modify or delete the
annotation on the StorageClass, they must perform the same action on all the PersistentVolumeClaims
created from this StorageClass.

## Annotating ReclaimSpaceCronJob

In cases where a certain `ReclaimSpaceCronJob` is to have a different schedule that the one present
in Namespace, StorageClass or PersistentVolumeClaim annotations one could annotate the `ReclaimSpaceCronJob`
itself by adding the `csiaddons.openshift.io/state: "unmanaged"` annotation.

CSI Addons will not perform any further modifications on the `ReclaimSpaceCronJob` with the `unmanaged` state.

To have a custom schedule the user can then modify the `schedule` field of the `ReclaimSpaceCronJob` spec.
Loading
Loading