*: implement how to deploy an etcd cluster #3
Conversation
fanminshi
force-pushed
the
implement_deploy
branch
4 times, most recently
from
0a1eca0 to
c019f65
Compare
|
Manual Test: # setup etcd-operator
$ kubectl create -f deploy/etcd_crds.yaml
$ kubectl create -f deploy/etcd-operator-deploy.yaml
# setup vault-operator
$ kubectl create -f deploy/operator.yaml
$ kubectl create -f deploy/cr.yamlOutput: $ kubectl get po
NAME READY STATUS RESTARTS AGE
etcd-operator-6cccdc5566-lc5vj 3/3 Running 0 7m
example-etcd-2vnt6rjmjh 1/1 Running 0 1m
example-etcd-f65s5mzp9f 1/1 Running 0 2m
example-etcd-p77v54smvx 1/1 Running 0 2m
vault-operator-788978b8b-6sfhc 1/1 Running 0 2m |
fanminshi
force-pushed
the
implement_deploy
branch
from
814bec3 to
859b6fd
Compare
vault-operator/Gopkg.toml
Outdated
| @@ -10,6 +10,10 @@ | |||
| name = "k8s.io/client-go" | |||
| version = "kubernetes-1.9.3" | |||
|
|
|||
| [[override]] | |||
| name = "github.com/coreos/etcd-operator" | |||
| branch = "master" | |||
There was a problem hiding this comment.
Set this to a fixed version so that the builds are reproducible, i.e this doesn't fail anytime the etcd-operator master breaks something.
[[override]]
name = "github.com/coreos/etcd-operator"
version = "=v0.9.1"
There was a problem hiding this comment.
@hasbro17 the issue with v0.9.1 is that it uses an outdated generated deepcopy function that's not compatible with api-machinery 1.9.3. hence, if I were to import the above, the vault-operator won't compile. However, the outdated deepcopy definition is updated in the master via coreos/etcd-operator#1727
There was a problem hiding this comment.
I'll update this once we have release a new version of etcd-operator.
There was a problem hiding this comment.
Alright, put a TODO for now.
vault-operator/pkg/stub/vault.go
Outdated
| @@ -0,0 +1,132 @@ | |||
| package stub | |||
|
|
|||
| // reconcileVault reconciles the vault cluster's state to the spec specified by vr | |||
There was a problem hiding this comment.
Move this comment down to the function header
fanminshi
force-pushed
the
implement_deploy
branch
3 times, most recently
from
da6f119 to
757d31c
Compare
vault-operator/pkg/stub/vault.go
Outdated
| // Simulate initializer. | ||
| changed := vr.SetDefaults() | ||
| if changed { | ||
| err := action.Update(vr) |
There was a problem hiding this comment.
Just return the err directly if it's not being wrapped:
if change {
return action.Update(vr)
}
vault-operator/pkg/stub/vault.go
Outdated
| // If not, we need to wait until etcd cluster is up before proceeding to the next state. | ||
| // Hence, we return from here and let the Watch triggers the handler again. | ||
| rdy, err := isEtcdClusterReady(ec) | ||
| if rdy || err != nil { |
There was a problem hiding this comment.
This logic isn't very clear. Make it more explicit:
ready, err := isEtcdClusterReady(ec)
if err != nil {
return fmt.Errorf("failed to check if etcd cluster is ready: %v", err)
}
if !ready {
logrus.Infof("Waiting for EtcdCluster (%v) to become ready: %v", ec.Name)
return nil
}Make sure to add the logging since unlike the original implementation there is no limited retry period in checking the EtcdCluster readiness and it could keep waiting without providing any information about the reason.
Also correct me if I'm wrong but with the current logic if ready=true then that would just return nil everytime and we won't proceed beyond this.
There was a problem hiding this comment.
Also correct me if I'm wrong but with the current logic if ready=true then that would just return nil everytime and we won't proceed beyond this.
You are correct. Good catch!
There was a problem hiding this comment.
Also we need to update vr.Status.Phase to Running after it's confirmed the EtcdCluster is ready.
There was a problem hiding this comment.
@hasbro17 will update the phase when implementing https://github.com/coreos-inc/vault-operator/blob/master/pkg/operator/sync.go#L183
vault-operator/pkg/stub/vault.go
Outdated
| trueVar := true | ||
| return metav1.OwnerReference{ | ||
| APIVersion: api.SchemeGroupVersion.String(), | ||
| Kind: "VaultService", |
There was a problem hiding this comment.
Use:
Kind: api.VaultServiceKind,
There was a problem hiding this comment.
Currently, we don't auto generate the VaultServiceKind in the register.go. However, we might want to do that in the future. For this pr, I'll just manually add VaultServiceKind into register.go
fanminshi
force-pushed
the
implement_deploy
branch
from
757d31c to
05c5464
Compare
|
all fixed PTAL cc/ @hasbro17 |
vault-operator/pkg/stub/vault.go
Outdated
| // Check if etcd cluster is up and running. | ||
| // If not, we need to wait until etcd cluster is up before proceeding to the next state; | ||
| // Hence, we return from here and let the Watch triggers the handler again. | ||
| rdy, err := isEtcdClusterReady(ec) |
There was a problem hiding this comment.
Minor nit but can you change rdy to ready. I feel that's easier to read and it's short enough already.
|
LGTM |
fanminshi
force-pushed
the
implement_deploy
branch
from
05c5464 to
22ac71c
Compare
The first, vault operator needs to create an etcd cluster before proceeding to other parts of reconciliation.
This pr shows that the reconciliation loop operates on the model of finding the current state and apply the appropriate action.
For example,
ClusterPhaseInitialstate.the Handle again.
ClusterPhaseInitialstate, then proceed to figure next vault cluster's state and apply the corresponding actions.cc/ @hasbro17