MCO-1669: add BootImageSkewEnforcement API #2357
Conversation
openshift-ci-robot
added
the
jira/valid-reference
|
@djoshy: This pull request references MCO-1669 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.20.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
Hello @djoshy! Some important instructions when contributing to openshift/api: |
openshift-ci
bot
added
do-not-merge/work-in-progress
|
Thanks for the questions & review(sorry it took a while!), this should be ready for another look. Happy to hop on a call if that is easier. Update: Did another push to fix up some tests. |
operator/v1/tests/machineconfigurations.operator.openshift.io/BootImageSkewEnforcement.yaml
Show resolved
Hide resolved
|
@djoshy: This pull request references MCO-1669 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.20.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
@djoshy: This pull request references MCO-1669 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.20.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
@djoshy: This pull request references MCO-1669 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.20.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
@djoshy: This pull request references MCO-1669 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.20.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
openshift-merge-robot
added
the
needs-rebase
djoshy
force-pushed
the
skew-enforcement
branch
from
66a9ee8 to
ced817a
Compare
openshift-merge-robot
removed
the
needs-rebase
djoshy
force-pushed
the
skew-enforcement
branch
from
ced817a to
8181cc5
Compare
|
Last push includes:
It seems to be failing |
@djoshy The |
There was a problem hiding this comment.
Took another look at this and from what I recall this aligns with what was discussed synchronously. I'm going to circle back around to see if there are any outstanding comments left from Joel's previous review while I was out, but otherwise this direction looks good to me.
|
@djoshy: This pull request references MCO-1669 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.21.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
@djoshy: This pull request references MCO-1669 which is a valid jira issue. Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.21.0" version, but no target version was set. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/test all I think we're good to go here, I've updated the flowcharts and added the validation tables to the description per our latest discussions. cc @yuqi-zhang @everettraven Care to take a last look? |
djoshy
force-pushed
the
skew-enforcement
branch
from
04f36b6 to
7087c1e
Compare
| // manual describes the current boot image of the cluster. | ||
| // This should be set to the oldest boot image used amongst all machine resources in the cluster. | ||
| // This includes the RHCOS version of the boot image and the OCP release version which shipped with that RHCOS boot image. | ||
| // If ocpVersion and rhcosVersion are defined, both values will be used for checking skew compliance. |
There was a problem hiding this comment.
I assume the lower value (older image?) will be the authority? When does it make sense for both of these to be set? Should we enforce a single value only?
There was a problem hiding this comment.
I assume the lower value (older image?) will be the authority?
Our initial thought was an AND check if they're both defined, but its not a strongly held opinion by any means.
When does it make sense for both of these to be set? Should we enforce a single value only? When does it make sense for both of these to be set?
In Manual mode, where the admin sets these values, requiring only one of them felt a bit more convenient in terms of UX.
In Automatic mode, the MCO's controller would be able to set both. I think we figured more diagnostic information, if possible, was better.
There was a problem hiding this comment.
I suppose, if we think its a bit superfluous/problematic, we could potentially tighten up the validation later? 🤔
There was a problem hiding this comment.
So I think an AND check means the oldest image is the one the skew comes from
I guess it's hard to define what the right thing to do here is, but if you think in automatic mode there's value in setting both, I can see that making sense
We could add a validation so that in Manual mode, only one choice can be made (in spec?) to prevent us having to make a choice
Starting to feel like the manual spec config should be a discriminated union 🤔
There was a problem hiding this comment.
No strong opinion on this, but as David said, I think this was here mostly for ease of use for different admins, and in that sense, there shouldn't be a reason for them to set both RHCOS and OCP versions. I'd be +1 on Joel's last suggestion around enforcing that in manual mode, you can only set one or the other.
There was a problem hiding this comment.
New union looks correct to me, thanks
There was a problem hiding this comment.
Updated status side + tests too, let me know how that looks! I tried my best to align the go-docs, hope I didn't miss anything 😅
There was a problem hiding this comment.
Maybe I'm missing it, but I don't see the tests added for the manual modes in the status specifically.
I know it may seem redundant, but I'd personally like to have explicit tests for the union behavior in both spec and status to ensure we don't inadvertently break any expectations here in the future.
There was a problem hiding this comment.
ack, sorry about that, just added it - let me know if that's sufficient. Also fixed the typo that Joel had mentioned on slack in the new union discriminator's godoc.
There was a problem hiding this comment.
argh, found another typo, fixing and pushing up shortly 😅
Update: should be ready now
djoshy
force-pushed
the
skew-enforcement
branch
4 times, most recently
from
b7878f2 to
9657bc1
Compare
| // This field must match the OCP semver compatible format of x.y.z. This field must be between | ||
| // 5 and 10 characters long. | ||
| // Required when mode is set to "OCPVersion" and forbidden otherwise. | ||
| // +kubebuilder:validation:XValidation:rule="self.matches('^[0-9]+\\\\.[0-9]+\\\\.[0-9]+$')",message="bootImageOCPVersion must match the OCP semver compatible format of x.y.z" |
There was a problem hiding this comment.
| // +kubebuilder:validation:XValidation:rule="self.matches('^[0-9]+\\\\.[0-9]+\\\\.[0-9]+$')",message="bootImageOCPVersion must match the OCP semver compatible format of x.y.z" | |
| // +kubebuilder:validation:XValidation:rule="self.matches('^[0-9]+\\\\.[0-9]+\\\\.[0-9]+$')",message="ocpVersion must match the OCP semver compatible format of x.y.z" |
There was a problem hiding this comment.
Fixed, thanks! And added a test since I realized we didn't have them for this error mode.
djoshy
force-pushed
the
skew-enforcement
branch
from
9657bc1 to
08bfa12
Compare
|
/test remaining-required Scheduling tests matching the |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: everettraven, JoelSpeed The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
@djoshy I'll leave it up to you how you would like to get this change verified and add the |
|
/verified later We'll verify this later alongside the MCO PoC PR. |
|
@djoshy: Only users can be targets for the In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
/verified later @ptalgulk01 |
openshift-ci-robot
added
verified-later
verified
|
@djoshy: This PR has been marked to be verified later by In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
@djoshy: all tests passed! Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
Install time workflow, active for release (n-1) and above
flowchart TD A[MCO install-time check] --> B{Is the skew API spec set?} B --> |No|C{Can the MCO manage boot images for this cluster?} B --> |Yes|E[Done] C --> |No|D[Set skew API spec to Manual, with boot image matching install time values] C --> |Yes|E D --> EReconciliation flow for skew API fields, active for upgrades to release (n-1) & above
flowchart TD A[Operator sync loop] --> B{Is the skew API spec/status set?} B --> |No|C{Can the MCO manage boot images for this cluster?} B --> |Yes|E[Done] C --> |No|D[Set Upgradeable=False to force cluster admin opinion] C --> |Yes|F[Set skew API status to Automatic] D --> E F --> ESkew enforcement mechanism sync loop, active in release n
flowchart TD A[Sync loop for skew mechanism. Triggered on: skew API knob updates, boot image update conditions] --> U{Is skew API mode set?} U --> |Yes|V{Determine skew API mode: Automatic, Manual or None?} U --> |No|K V --> |None|L[Raise a low level Prometheus alert to indicate scaling risk] V --> |Manual|I V --> |Automatic|E{Is the boot image controller in an error mode?} E --> |No| H[Wait until boot image controller is not progressing] E --> |Yes| K H --> I[Is the current skew compliant against the limit defined in the release image?] I --> |Yes| Done I --> |No| K[MCO sets Upgradeable=False] K --> Done L --> DoneValidation Tables
Both Spec Fields Set
Only ManagedBootImages Empty
Only SkewEnforcement Empty
Both Spec Fields Empty