-
Notifications
You must be signed in to change notification settings - Fork 719
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove operator roles #2530
Remove operator roles #2530
Conversation
Removes the roles flag. Adjusts the manifest templates for all-in-one and e2e tests. Removes the concept of a global operator but keeps the namespaced version for now.
Jenkins test this please |
To allow multiple deployments into the same system namespace for example
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Overall lgtm, just left few nits, I'm just wondering if we should also update https://github.com/elastic/cloud-on-k8s/blob/master/docs/design/0005-configurable-operator.md#decision-outcome
(Also I ran make ci-e2e TESTS_MATCH='^TestCrossNS'
successfully 👍)
Co-Authored-By: Michael Morello <michael.morello@gmail.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think docs/operator-config.asciidoc
also needs changes.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
Glad to see this simplification without losing flexibility.
One little thing tickles me but this can be discussed and handled later.
In the config/operator/README.md
, we present two different deployment modes: All-in-one
and Namespaced
. And we provide some examples of the manifests to deploy the operator in config/all-in-one
and config/namespace
.
I would like to be consistent with the names between the README and the config examples directories.
I'm not very comfortable with namespace
or Namespaced
. It is not very clear what it is. It makes me think that the operator is in a namespace... nothing more.
But one more time, it's about naming and it is hard to find the good words.
Some suggestions:
namespaces
: with the smulti-namespaces
: a bit long but more explicitcross-namespace
cluster-wide
: this tends to suggest it is for all namespaces
Note: I like the etcd operator approach where the default mode is pretty restricted and users need to opt-in to deploy the operator cluster-wide:
Default etcd operator behavior is to only manage etcd clusters created in the same namespace. It is possible to deploy an etcd operator with special option to manage clusterwide etcd clusters.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
) The trial license e2e test was failing since #2530 because we are now running the e2e with a operator restricted to the managed namespaces via --namespaces, but we did not include the operator namespace itself in the list of namespaces. As the list of namespaces controls which resources will be cached by the k8s client the operator was not able to access the license related secrets in the operator namespace and trial mode could not be activated. This commit makes sure the operator namespace is always included in the client cache even when running in namespace restricted mode.
What this PR does:
What this PR does not:
Fixes #2254