-
Notifications
You must be signed in to change notification settings - Fork 39.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow kcm and scheduler to lock on ConfigMaps. #45739
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is it also possible to cherry pick my commit and add in your new fn signature? It's very similar to what I originally submitted :)
@@ -69,3 +74,29 @@ type Interface interface { | |||
// into a string | |||
Describe() string | |||
} | |||
|
|||
// Manufacture will create a lock of a given type according to the input parameters | |||
func Manufacture(lockType string, ns string, name string, client *cs.Clientset, rlc ResourceLockConfig) (Interface, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ns, name string
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not just call this New? What is the significance of Manufacture in this context?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
New works for me.
Yes, Done. |
@@ -814,6 +814,7 @@ func autoConvert_v1alpha1_LeaderElectionConfiguration_To_componentconfig_LeaderE | |||
out.LeaseDuration = in.LeaseDuration | |||
out.RenewDeadline = in.RenewDeadline | |||
out.RetryPeriod = in.RetryPeriod | |||
out.LockType = in.LockType |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Technically, "endpoints" and "configmaps" are Kinds in our API. Types also include a version.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm fine with changing the name.
- LockKind (sounds weird)
- ResourceLock
- LockType
... I don't really care. Do you have preferences @mikedanese ?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would prefer LockResource
. It also needs to be a group and resource, not just one or the other. You probably don't want to perform discovery, so I'd recommend doing LockResource
and LockResourceGroup
or similar.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
endpoints
is a resource (addressable via the API) and is what most external components should use. Kind (Endpoints
) is a schema, and multiple resources can have that schema.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We're gradually phasing out use of GroupVersionKind in internal code, but it will take a while.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was making this switch in openshift the other day and used:
https://github.com/openshift/origin/pull/14094/files#diff-3788994f990386b63387ece5c3b5dc33R1418 for the componentconfig equivalent and https://github.com/openshift/origin/pull/14094/files#diff-9eadaa7b7aac3bc9ea7ed27cb8908d52R86 for the CLI flag equivalent.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll change the name to LockResource.
Re: grouping, that's done a layer above and passed into the Manufacture/New function, which keeps the library generic enough for general reuse.
That said, if we want to build it around the api w/Group, I think we could follow on with a separate PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LockResource SGTM
@k8s-bot gce etcd3 e2e test this |
@mikedanese I believe I've addressed the comments, PTAL. |
/lgtm |
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: mikedanese, timothysc Assign the PR to them by writing
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
@timothysc @deads2k the default |
@ravilr - Do we not have RBAC on any of our e2es? |
Should be on in all e2e tests. You can add the policy here: |
Meh, I'll fix up this PR. |
So the other change hits a different space, so I'm going to push this one through and follow up with a RBAC PR. |
Automatic merge from submit-queue (batch tested with PRs 45374, 44537, 45739, 44474, 45888) |
Automatic merge from submit-queue (batch tested with PRs 45269, 46219, 45966) Update RBAC policy for configmap locked leader leasing. **What this PR does / why we need it**: Updates the bootstrap policy to allow for configmap get/update/list/watch for leader leasing. **Which issue this PR fixes** Follow on PR from: #45739 xref: #44857 **Special notes for your reviewer**: **Release note**: ``` NONE ``` /cc @kubernetes/sig-auth-pr-reviews
What this PR does / why we need it:
Plumbs through the ability to lock on ConfigMaps through the kcm and scheduler.
Which issue this PR fixes
Fixes: #44857
Addresses issues with: #45415
Special notes for your reviewer:
Release note:
/cc @kubernetes/sig-cluster-lifecycle-pr-reviews @jamiehannaford @bsalamat @mikedanese