Add Proposal for dependency resolution in kc #732
Conversation
✅ Deploy Preview for carvel ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
praveenrewar
force-pushed
the
kc-dependency-res-proposal
branch
from
10e6281
to
15077de
Compare
praveenrewar
changed the title
praveenrewar
force-pushed
the
kc-dependency-res-proposal
branch
from
15077de
to
f8a426e
Compare
praveenrewar
force-pushed
the
kc-dependency-res-proposal
branch
from
f8a426e
to
51f6d3b
Compare
There was a problem hiding this comment.
@praveenrewar Thanks for the proposal. This is a very useful feature to have in kapp-controller. Just a few more questions:
- Is the proposal intended to cover the design of the resolver itself? (In OLM we do use a SAT solver, so just curious if there is some investigation in progress to figure out the options).
- Do users creating package install have the option of doing a force install?
- Given the dependent package installs are exposed to the user, what happens when it is deleted directly? In the sense, do we have watches set up on dependent packages and how frequently does the resolution occur?
We currently use a resolver based on the semver constraints in the package install api to resolve the versions, we are planning to re-use it for dependency resolution. (Does this answer your question?)
Do you mean if users can install packages without installing the dependencies? Then, yes, users can set the
In the first few iterations at least, we won't have an watches set for the dependencies, but we could think about it in future enhancements. This is a good point, I will add it to the list of future enhancements. Thanks! |
|
comments/questions: The doc contradicts itself. In the crd spec you have User as the default mode but in the example the comment says the default will be Auto in terms of dependency installation. Which is the approach you are planning on implementing? What if packages are not in the same namespace? Does this require them to all be in the same namespace and or be in the global namespace? Do all dependencies use the same service account as the main package install or is a service account able to be specified for different dependencies? How can overlays be applied to dependant packages? Would this require manual dependency installation? Does this work for targetting a different cluster as well or only for in cluster package installations? Would canceling/pausing the main packagr install have an impact and cascade to dependencies or not? Are changes made manually to auto installed dependent package installs reverted at next reconcile? Can one manually pause/cancel reconcilliation of a dependency? Is the sync period of the dependencies copied from the main app or always set to the default value? The doc says that when a package already is installed but not of the version which is needed for the new package install, kapp controller will try to install the new version, does this mean it will try to update the version of the existing package install or create another one? If its upgrading the existing one, how does kapp controller know the newer version is safe for the other root packages depending on the original dependency version? If it tries to install another pkgi side by side, what if the install type is once per cluster or once per namespace? The spec of the package CRD is not inline with the example. Thr example has a packageRef section with version constraints which is great whereas the CRD spec has a version field only under a package key which seems to not support version ranges and constraints. Which approach is planned to be implemented? |
praveenrewar
force-pushed
the
kc-dependency-res-proposal
branch
from
51f6d3b
to
703800a
Compare
|
Thanks a lot @vrabbi!! These are some really great questions! I will answer them inline here and then try to move them to the proposal (either update it or add the question in the "Answered questions sections).
Good catch!
For now the packages should be in the same namespace, in future we can think about expanding the search to the whole cluster, this will be important for packages which have installationType as
Yes, for now, the dependencies will be using the same service account. In future, we can think of alternatives where a different SA is used for each dependency.
I feel that in this case we reach a stage where we are trying to control a lot of stuff on the dependency so should be manually installing the dependency, but if you think that we should allow adding overlays for dependencies directly, then we can think about having something similar to the data values for the overlays as well.
In theory, it should work when you are targeting another cluster. You should have the dependency packages available on the cluster you are creating the current package install, and then if kapp-controller tries to use the same kubeconfig secret for installing the dependency packages on the target cluster, it should work.
There won't be any cascading of the
Yes, the changes would be reverted on the next reconciliation. We can pause both the original pkgi and the dependency pkgi if we want.
For this initial iterations, kapp-controller will fail when a certain version of a dependency is installed which doesn't satisfy the constraints provided by our package (one of the conditions in the example covers this). In future versions, we will try to install another version of the package if the installationType is
Thanks. I have updated it. We will use packageRef. |
|
Thanks for the detailed response. I think overlays are important and in many cases are needed so having that option makes sense to me and i have a few use cases where this would make a lot of sense. In terms of pausing dependencies i think its fine that it doesnt pause them it just needs to be clear in the docs/proposal. In an ideal world i could see value in having a paused field under each dependency in the main package that would be how to pause a dependency. This is better than pausing the dependency directly as all management of the dependency is through a single resource vs it being from multiple sources. Also it would work better for gitops solutions where only the main package is controlled by git and as such would allow for more advanced use cases. If this were done, i would expect changes done directly on the dependencies including setting the paused field to be overriden as the source of truth is the main packageinstall Another new question is how could one "orphan" a dependency that was auto installed so it could be managed seperately. I can think of many cases where initially the user wants to manage a dependency simply via thr high level package but times may come when they want to manage it seperately as they have more specific use cases they want to have configurable. In this case i think that breaking the ownership would be a needed ability for users. |
|
Thanks @vrabbi for the thoughts. We can include overlays for dependencies as well, maybe in future iterations as we are evaluating if we should have a overlays as a first class api in the package install instead of annotations. Makes sense regarding not pausing the dependencies, I will update the proposal to make it more clear.
Hmm, definitely an interesting use case. I am thinking that from the current implementation perspective, removing the owner annotation manually from the dependency would be one way, although I think it would be useful to have a way to de-link the dependency from the owner pkgi. I will add this in the future explorations section as well. |
praveenrewar
force-pushed
the
kc-dependency-res-proposal
branch
from
703800a
to
661200c
Compare
praveenrewar
force-pushed
the
kc-dependency-res-proposal
branch
from
661200c
to
f2aeb03
Compare
There was a problem hiding this comment.
I think we are in a good place with this proposal. We can remove the Open Question since it is already answered.
Let us also try to close all the open conversations, and if no outstanding comments are added I think we can mark it as approved somewhere middle next week.
praveenrewar
force-pushed
the
kc-dependency-res-proposal
branch
from
f2aeb03
to
05a643c
Compare
Signed-off-by: Praveen Rewar <8457124+praveenrewar@users.noreply.github.com>
praveenrewar
force-pushed
the
kc-dependency-res-proposal
branch
from
05a643c
to
c0aa874
Compare
|
@cppforlife I have addressed your comments. Please give it another look when you get a chance. |
|
@praveenrewar, please create a new commit with the change of status to approved since we have already passed the consensus period. |
Signed-off-by: Praveen Rewar <8457124+praveenrewar@users.noreply.github.com>
|
@joaopapereira Done! |
No description provided.