pkg/types/installconfig: Add an (*InstallConfig).Tags() helper #465
Conversation
AWS resources created by the cluster (e.g. some elastic load-balancers) are currently missing the tectonicClusterID tag [1], which makes cleanup difficult. This helper makes it easy for those external tools to set the appropriate tags without needing local logic to generate them. [1]: openshift#458 (comment)
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: wking The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
approved
wking
force-pushed
the
install-config-tags-helper
branch
from
9e1a1e7
to
9a2a91e
Compare
|
I'm not convinced we need this added to the API. the terraform controls the tags. eg: |
True, but many resources are created by operators, etc. in the launched cluster and not through Terraform. This helper is intended to make life easier for those operators. For example, the machine-API operator could slot the value in here (where it looks like it's currently ignoring |
|
Like I said we are removing the machinesets from machine-api-operator. Also the InstallConfig will not hit the cluster. so no operator can use this api after cluster install. |
What about folks creating load-balanced services?
Well, that sinks this pretty clearly ;). Do we have a timeline for this? It would be nice to have tag-based cleanup not broken for too long :p. |
That we cannot control even if we add this API. It would be nice to have tag-based cleanup not broken for too long. I think the hive team was working on moving to using the |
No, but the easier we make it for folks to add the tags we want, the more likely they are to do it ;). More thoughts about how we're going to handle
Yeah, this PR is spun out from #458, where @joelddiaz was asking for |
|
@aaronlevy who could we talk to that could educate us on what the consequences might be if we started tagging things not meant for kubernetes (eg route53 zones, s3 buckets, etc) with the 'kubernetes.io/cluster/CLUSTER_NAME' tag? |
The cluster name is already required to be unique. If it collides with already existing, then all the dnses will be overwritten causing wierd errors, or terraform would complain and exit. |
I don't think DNS would be an issue if you used a different base domain. I'm less clear on whether there would be other Terraform collisions, but if there are, they're probably bugs. You should be able to create |
|
@joelddiaz I would expect the behavior to fall under cloud-providers, so maybe @enxebre? @wking https://github.com/kubernetes/kubernetes/blob/v1.12.1/pkg/cloudprovider/providers/aws/tags.go#L44-L51 is best descriptor I've found. For some of these resources we probably want to be using |
|
@enxebre the TL;DR of this can be summarized as: Would it be inappropriate to label things out in AWS that are not for kubernetes to inspect or be aware of with the kubernetes-specific label The purpose of this would be to be able to query AWS for all objects with tag kubernetes.io/cluster/CLUSTER_NAME to 1) simply see all the cloud pieces that make up cluster CLUSTER_NAME 2) be able to point the uninstaller at this tag, and have it delete the objects with the matching tag |
|
@wking do we need this anymore? |
I think so (or something similar); we're still not setting the user-configured tags on all the resources we create. If we want to throw in the towel on that front, I think we'd want to drop |
|
The goal is for the |
I thought you'd said that AWS tag information was going to move into a |
openshift-ci-robot
added
the
needs-rebase
|
@wking: PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
@wking: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
Obsolete. See openshift/api#231 and openshift/api#266. /close |
|
@wking: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Some AWS resources created by the cluster (e.g. some elastic load-balancers) are currently missing the
tectonicClusterIDtag, which makes cleanup difficult. This helper makes it easy for those external tools to set the appropriate tags without needing local logic to generate them.CC @joelddiaz