⚠️ Add watch label to allow multiple manager instances #4119
Conversation
k8s-ci-robot
added
do-not-merge/work-in-progress
|
Hi @MarcelMue. Thanks for your PR. I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
needs-ok-to-test
MarcelMue
changed the title
k8s-ci-robot
removed
the
do-not-merge/work-in-progress
| @@ -157,6 +177,12 @@ func ResourceNotPaused(logger logr.Logger) predicate.Funcs { | |||
| } | |||
| } | |||
|
|
|||
| // ResourceNotPausedAndHasLabel returns a predicate that returns true only if the | |||
| // ResourceNotPaused and ResourceHasLabel predicates return true. | |||
| func ResourceNotPausedAndHasLabel(logger logr.Logger, labelValue string) predicate.Funcs { | |||
There was a problem hiding this comment.
Something similar was implemented before but then removed. I tried to follow that structure and naming.
There was a problem hiding this comment.
If there are not performance concerns, I would prefer to keep paused and filter by label as a separated predicates
|
I think this might need some further discussion before we review. Personally I'd like to understand what the benefit of this approach is over using namespaces to separate the resources that should be reconciled by particular controllers |
| @@ -157,6 +177,12 @@ func ResourceNotPaused(logger logr.Logger) predicate.Funcs { | |||
| } | |||
| } | |||
|
|
|||
| // ResourceNotPausedAndHasLabel returns a predicate that returns true only if the | |||
| // ResourceNotPaused and ResourceHasLabel predicates return true. | |||
| func ResourceNotPausedAndHasLabel(logger logr.Logger, labelValue string) predicate.Funcs { | |||
There was a problem hiding this comment.
If there are not performance concerns, I would prefer to keep paused and filter by label as a separated predicates
k8s-ci-robot
added
ok-to-test
There has been discussion on this topic in several different places so far - it was also acknowledged here: Google doc which was shared with sig-cluster-lifecycle: Discussions during sync (just two examples): To answer your question briefly: Please let me know if there is a clear concern here - I am open to discuss but there has been IMO a lot of discussion leading up to this PR already. |
Should I align the docs in this same PR? Or would this be a follow up? |
There was a problem hiding this comment.
Only concern that came up during review is that now the predicate has to be added to each controller separately (which is also hard to test and could break any time).
Is Namespace based filtering not enough to run multiple controllers?
With Namespace based filters we also get the benefit of having the informers and all internal cache to only ever watch that namespace. With label based predicates instead, the cache is still being populated entirely, and watch notifications are still coming through but discarded
To me this mostly boils down to usability. I agree that there are some performance downside but this is a completely optional flag and from my experience with using this approach, the performance impact is negligible. The usability is important to me because this enables switching the reconciling controller in a single command: Changing the label. I feel like that is easy to understand, execute and handle. With a namespaced approach we would firstly have our namespace structure to fit the controller versions we use - this is not very nice IMO.
A basically atomic action in the workflow I propose here becomes a rather error prone, multi step process. I feel like we discussed these points before in a meeting - I am also more than happy to provide E2E tests for this functionality (I think the e2e workthrough is not out yet) if this increases your confidence. |
|
@CecileRobertMichon You also had opinions on this IIRC. |
I'm +1 on this PR. There is precedent for this with the Pause annotation. In addition, the default behavior does not change and this is completely opt-in, so the risk is low. We should definitely consider adding an E2E test for preventing future regressions though. |
k8s-ci-robot
added
the
needs-rebase
@CecileRobertMichon Did you meant the feature gates, or did I miss the use case you were referring to? |
MarcelMue
force-pushed
the
add-watch-label
branch
from
db1001c to
2a79c2a
Compare
k8s-ci-robot
removed
the
needs-rebase
|
@vincepri no I meant the pause annotation predicate (which had to be added to every single controller, including in infra providers) |
|
@CecileRobertMichon Oh I see, the implementation bits, yes. The flag though also has to be kept in sync, which is what I was thinking w.r.t. the feature gates. Thanks @MarcelMue for the explanation above, as long as we document these requirements and limitations +1 |
MarcelMue
force-pushed
the
add-watch-label
branch
from
1f1fceb to
f0d4357
Compare
k8s-ci-robot
added
the
lgtm
Azure provider maintainer here - /lgtm /assign @randomvariable @yastij @cpanato |
|
Actually, I just realized we should also update https://github.com/kubernetes-sigs/cluster-api/blob/master/docs/book/src/developer/architecture/controllers/support-multiple-instances.md @MarcelMue |
This PR already contains a simple addition of the label in the same section where the |
Ahh I must have missed that on my re-read. Thanks, all good from my side then. |
k8s-ci-robot
added
the
needs-rebase
MarcelMue
force-pushed
the
add-watch-label
branch
from
eff6b20 to
fc41bf6
Compare
k8s-ci-robot
removed
lgtm
Should be all rebased correctly now :) |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: vincepri The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
/retitle |
k8s-ci-robot
changed the title
|
/retitle |
k8s-ci-robot
changed the title
What this PR does / why we need it:
This PR adds a flag which defines which CRs will be processed depending on a given label.
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):Fixes #4004