Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pluggable Workspace Cluster: Admission Constraints #4158

Merged
merged 5 commits into from
May 7, 2021
Merged

Pluggable Workspace Cluster: Admission Constraints #4158

merged 5 commits into from
May 7, 2021

Conversation

csweichel
Copy link
Contributor

This PR adds "admission constraints" to pluggable workspace cluster. With this change one can limit the set of workspace clusters a workspace can land on. To this end, each cluster registration can have a set of "admission constraints" associated with it. For the time being there are two constraints available:

  • has-feature-preview makes the cluster available if the user who is starting the workspace has "feature preview" enabled
  • has-permission=<permission> makes the cluster available if the user has the <permission>

In addition this PR

  • updates the bash completion support for gpctl (gpctl completion --help)
  • makes gpctl clusters list show all clusters, static and dynamic. There's a static flag that differentiates the two.
  • introduces gpctl clusters swap to change over state and score for two clusters

This enables a set of use-cases:

  • register a new cluster and try it out: 
    # assuming your user has the `new-workspace-cluster` permission

# register the cluster
gpctl clusters register --name demo --hint-cordoned ...

# add the admission constraint
gpctl clusters update --name demo admission-constraint add has-permission=new-workspace-cluster

# uncordon and increase score to ensure this is the preferred cluster for everyone with the permission
gpctl clusters uncordon --name demo
gpctl clusters update --name demo score 10000
  • make a cluster available to users with feature-preview: 
    # register the cluster
gpctl clusters register --name demo --hint-preferability dont-schedule ...

# add the admission constraint
gpctl clusters update --name demo admission-constraint add has-feature-preview

# increase score to start some workspaces for users with feature-preview on the new cluster
gpctl clusters update --name demo score 10
  • change over to a "fallback cluster" 
    $ gpctl clusters list
NAME        URL                    STATIC        STATE            SCORE        GOVERNED        ADMISSION CONSTRAINTS
prod         ws-manager:8080        false          AVAILABLE       50          true            []
fallback     ws-manager:8082        false          CORDONED        0           true            []

# swap prod and fallback
gpctl clusters swap prod fallback

$ gpctl clusters list
NAME        URL                    STATIC        STATE            SCORE        GOVERNED        ADMISSION CONSTRAINTS
prod         ws-manager:8080        false          CORDONED       0          true            []
fallback     ws-manager:8082        false          AVAILABLE        50           true            []

@csweichel csweichel force-pushed the cw/pwc-constraints branch from 3addfc8 to b8a96bb Compare May 6, 2021 14:51
corneliusludmann
corneliusludmann approved these changes May 6, 2021
View reviewed changes
Copy link
Contributor

@corneliusludmann corneliusludmann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code looks good. I have not found anything to complain about. 👍

@csweichel csweichel merged commit 38faf38 into main May 7, 2021
@csweichel csweichel deleted the cw/pwc-constraints branch May 7, 2021 06:23
geropl
geropl reviewed May 10, 2021
View reviewed changes
components/ws-manager-api/typescript/src/client-provider.ts
const client = await this.get(chosenCluster.name);
return {
manager: client,
installation: chosenCluster.name,
};
}

public async getAvailableStartCluster(user: User, workspace: Workspace, instance: WorkspaceInstance): Promise<WorkspaceClusterWoTLS[]> {
const allClusters = await this.source.getAllWorkspaceClusters();
const availableClusters = allClusters.filter(c => c.score >= 0 && c.state === "available").filter(admissionConstraintsFilter(user, workspace, instance));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  • c.govern

👍

@jankeromnes jankeromnes mentioned this pull request May 10, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@geropl geropl geropl left review comments

@corneliusludmann corneliusludmann corneliusludmann approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@csweichel @corneliusludmann @geropl