Move operator configuration into a custom resource and enable ignoring unrecoverable events #598
Conversation
amisevsk
force-pushed
the
config-in-crd
branch
from
c1a0053
to
090284d
Compare
amisevsk
changed the title
|
I'm curious is we can reproduce the e2e test failure from #593 in this PR /test v8-devworkspace-operator-e2e, v8-che-happy-path |
amisevsk
force-pushed
the
config-in-crd
branch
from
fbf5083
to
25366f6
Compare
|
go tests fail with |
controllers/controller/devworkspacerouting/solvers/basic_solver.go
Outdated
Show resolved
Hide resolved
| updatePublicConfig() | ||
| } | ||
|
|
||
| func updatePublicConfig() { |
There was a problem hiding this comment.
Maybe it makes sense to report in logs when changes are detected and Config is reloaded? Probably also print the result how it's merged with default
There was a problem hiding this comment.
I actually had this for debugging and removed it before opening the PR :D
I'll re-add
There was a problem hiding this comment.
Added. Currently, we log non-default values only (otherwise it can be very long).
One question: should we be logging clusterHostSuffix? Someone using DWO might want to suppress the URL of their cluster in logs, especially if sharing publicly in e.g. a bug report.
| defaultTerminalDockerimageProperty = "devworkspace.default_dockerimage.redhat-developer.web-terminal" | ||
| ) | ||
|
|
||
| func (wc *ControllerConfig) GetDefaultTerminalDockerimage() (*dw.Component, error) { |
There was a problem hiding this comment.
I think e2e test needs to be adapted after these changes:
------------------------------
• Failure [1.527 seconds]
[Create OpenShift Web Terminal Workspace]
/home/sleshche/projects/devworkspace-operator/test/e2e/pkg/tests/devworkspaces_tests.go:25
Check that pod creator can execute a command in the container [It]
/home/sleshche/projects/devworkspace-operator/test/e2e/pkg/tests/devworkspaces_tests.go:56
Cannot execute command in the devworkspace container. Error: `exit status 1`. Exec output: `Error from server (BadRequest): container dev is not valid for pod workspaceda33612faf9843c6-5c775dc868-26vs7
Currently, it references plugin from internal registry
https://github.com/devfile/devworkspace-operator/blob/main/samples/web-terminal.yaml#L16
I think the way we should rework it - make it not terminal specific test but restricted access. Then we can pretty any container component and controller.devfile.io/restricted-access: "true" annotation
There was a problem hiding this comment.
Here's hoping I fixed it -- I don't have OpenShift handy to test changes 🤞
| } else { | ||
| config.ConfigMapReference.Namespace = os.Getenv(infrastructure.WatchNamespaceEnvVar) | ||
| } | ||
| err = config.WatchControllerConfig(mgr) |
There was a problem hiding this comment.
Che Operator needs to be adapted to these changes not to break Che + DevWorkspace integration on Kubernetes:
please note that Operator CR must be already available when Che Operator does this logic
There was a problem hiding this comment.
Opened PR eclipse-che/che-operator#1081 (note no config CRD is necessary to run DWO anymore, and clusterHostSuffix is only required for the basic routing solver, which is outside the Che Operator use-case).
| kind: DevWorkspaceOperatorConfig | ||
| apiVersion: controller.devfile.io/v1alpha1 | ||
| metadata: | ||
| name: devworkspace-operator-config |
There was a problem hiding this comment.
| name: devworkspace-operator-config | |
| name: devworkspace-operator-config | |
| namespace: ${NAMESPACE} |
There was a problem hiding this comment.
Also, I got my routing suffix wrongly assigned
There was a problem hiding this comment.
Ahh yes, previously, on OpenShift we would always overwrite clusterHostSuffix from a route, even if the configmap contained a different value. With the current changes, we only create the test route when clusterHostSuffix is unset (which doesn't happen with the makefile, since it creates a config).
I'll think about how best to handle this -- should we just assume OpenShift users want to use the default fill for route.spec.host?
There was a problem hiding this comment.
I've updated the Makefile to not set a default ROUTING_SUFFIX anymore. On OpenShift, this should result in the config getting an empty value, which would be auto-filled by the controller. On Kubernetes, we auto-detect it in the makefile for minikube and print a warning if it's empty.
| name: devworkspace-operator-config | ||
| config: | ||
| routing: | ||
| clusterHostSuffix: ${ROUTING_SUFFIX} |
There was a problem hiding this comment.
This actually shows another issue we have: it would be better to report: Waiting for main endpoint be ready, health check fails:
it makes sense to create a separate issue for that. I'll do
There was a problem hiding this comment.
Probably the background for one more issue:
After clusterSuffix is cleaned up, it's not propagated to existing workspaces, even after restart. Removing DevWorkspace Routing helps but it's not desired behavior I think.
There was a problem hiding this comment.
Hmm I'm not sure how to reproduce the above issue (deployment is running but devworkspace reports waiting for workspace deployment). When I start a DevWorkspace locally, I see the Waiting for editor to start message (sometimes, only briefly) -- I assume if startup is really hung on the health check, that message should show up.
There was a problem hiding this comment.
After clusterSuffix is cleaned up, it's not propagated to existing workspaces, even after restart. Removing DevWorkspace Routing helps but it's not desired behavior I think.
This is because the DevWorkspaceRouting CR doesn't store clusterRouteSuffix, so reconciling the DevWorkspace won't trigger any reconciles to the DevWorkspaceRouting. Anything triggering a reconcile for the routing object will cause the change to be reflected (e.g. modifying annotations/labels on routes) but otherwise there are no events for the routing controller to respond to.
We could work around this by propagating the .spec.started field to DevWorkspaceRouting; this would at least enable stopping + restarting the workspace to propagate the config change.
amisevsk
force-pushed
the
config-in-crd
branch
from
87ca323
to
914162f
Compare
|
Squashed the large mess of fixup commits |
amisevsk
force-pushed
the
config-in-crd
branch
from
914162f
to
05aca76
Compare
|
/test v8-devworkspace-operator-e2e, v8-che-happy-path |
There was a problem hiding this comment.
I haven't reviewed changes carefully again but I have tested on OpenShift and it works fine.
Probably logs much be more reach, like what is the whole config piece, but not just what is changed. And what are actually default config are
But let's move it out of the current PR scope.
Good job!
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
* Remove web-terminal defaulting functionality * Move all env-var related config settings into same file * Remove unused GetTlsInsecureSkipVerify Signed-off-by: Angel Misevski <amisevsk@redhat.com>
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
Log all updates to internal configuration to hopefully aid diagnosing issues in the future. Signed-off-by: Angel Misevski <amisevsk@redhat.com>
Add new testing DevWorkspace resource that utilizes restricted access but does not attempt to use plugins from the internal registry. Signed-off-by: Angel Misevski <amisevsk@redhat.com>
Since ROUTING_SUFFIX has to be set for each Kubernetes cluster (and not set in OpenShift), don't use any default value for ROUTING_SUFFIX. If running in minikube, autodetect appropriate ROUTING_SUFFIX; otherwise (if on Kubernetes) warn user that ROUTING_SUFFIX is unset. On OpenShift, rely on default detection unless ROUTING_SUFFIX is explicitly set Signed-off-by: Angel Misevski <amisevsk@redhat.com>
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
amisevsk
force-pushed
the
config-in-crd
branch
from
05aca76
to
7d280c9
Compare
|
e2e tests failed because /test v8-devworkspace-operator-e2e, v8-che-happy-path |
|
/retest |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: amisevsk, JPinkney, sleshchenko The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
What does this PR do?
DevWorkspaceOperatorConfiguration, shortnamedwoc), hopefully making configuration easiercombined.yamlanymore (rejected as unrecognized). I've moved creation of a config from env vars to a separate step inmake installCurrently, the config CR's name is hard-coded to
devworkspace-operator-config. It might be worth changing that since it could be unclear (you have to create a CR with this specific name)One potential task to complete before merging is to implement a sort of migration process that converts an existing configmap into a config CR, to allow seamless migration from previous installs.
Hopefully the commit history is legible; the change is fairly wide-ranging due to how frequently config is used in DWO.
What issues does this PR fix or reference?
Closes #550
Closes #191
Related to #577
Is it tested? How?
FailedSchedulingevents:Bonus:
PR Checklist
/test v8-devworkspace-operator-e2e, v8-che-happy-pathto trigger)v8-devworkspace-operator-e2e: DevWorkspace e2e testv8-che-happy-path: Happy path for verification integration with Che