Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Embrace Resource Owners #75

Open
spjmurray opened this issue Nov 25, 2024 · 1 comment
Open

Embrace Resource Owners #75

spjmurray opened this issue Nov 25, 2024 · 1 comment
Labels
enhancement New feature or request good first issue Good for newcomers

Comments

@spjmurray
Copy link
Member

Kubernetes already supports hierarchical ownership and cascading deletion. Rather than doing this ourselves, we should use owner references to do the heavy lifting and remove a bunch of code and RBAC permissions e.g.

  • identity
    • network
      • server
    • security group
      • security group rule

Thus we can delete things anywhere in the hierarchy and get the correct cascading semantics.

Open question... deleting a security group while in use by a server will fail, how do we handle this?
@spjmurray spjmurray added enhancement New feature or request good first issue Good for newcomers labels Nov 25, 2024
@spjmurray spjmurray mentioned this issue Nov 25, 2024
Merged
@spjmurray
Copy link
Member Author

For any newbies undertaking this task, read https://kubernetes.io/docs/concepts/overview/working-with-objects/owners-dependents/ especially the foreground/blocking deletion semantics.

spjmurray added a commit that referenced this issue Nov 27, 2024
@spjmurray
Improve Cascading Cleanup
02ff987 
Servers need to be deleted before networks, networks before identities
etc.  Kubernetes provides this via cascading foregroud deletion and
blocking owner deletion.  This basically removes a bunch of code where
we were doing this ourselves.  While it works via the API, be damn sure
you use `kubectl delete --cascade=foreground` via the CLI if ever
needed.

Implements #75
spjmurray added a commit that referenced this issue Nov 27, 2024
@spjmurray
Improve Cascading Cleanup
70cffcd 
Servers need to be deleted before networks, networks before identities
etc.  Kubernetes provides this via cascading foregroud deletion and
blocking owner deletion.  This basically removes a bunch of code where
we were doing this ourselves.  While it works via the API, be damn sure
you use `kubectl delete --cascade=foreground` via the CLI if ever
needed.

Implements #75
spjmurray added a commit that referenced this issue Nov 27, 2024
@spjmurray
Improve Cascading Cleanup (#78)
7ccbe68 
Servers need to be deleted before networks, networks before identities
etc.  Kubernetes provides this via cascading foregroud deletion and
blocking owner deletion.  This basically removes a bunch of code where
we were doing this ourselves.  While it works via the API, be damn sure
you use `kubectl delete --cascade=foreground` via the CLI if ever
needed.

Implements #75
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@spjmurray