Add a type to the v1 model for the updated ClusterConfig#489
Merged
Conversation
jan-g
requested review from
RafalKorepta,
andrewstucki,
chrisseto and
gene-redpanda
as code owners
Contributor
Author
|
This is mostly to invite comment about the proposed attribute for cluster config (we'll do something similar for node configuration rather than splitting the AdditionalConfiguration up according to prefix). I think this needs to be merged with the current configuration - but because we want late binding of external secrets, we'll have to teach the configuration subcommand to pre-process a |
alenkacz
reviewed
Mar 6, 2025
| // If the value is supplied by an external source, coordinates are embedded here. | ||
| // For non-string target types, the string value fetched from the source will be treated as | ||
| // a value encoded according to YAML rules. | ||
| ExternalSecretRef *struct { |
Contributor
There was a problem hiding this comment.
the original agreement was that this feature will pretty much be hidden, also I think we'll be using just secret name as a generic/platform agnostic pointer to what you want to read.
We can also emit this from the first implementation.
For reference, what I am going to get from controlplane is ${secrets.PASSWORD}
jan-g
force-pushed
the
v1-cluster-config
branch
9 times, most recently
from
299bb76 to
b4dfd63
Compare
chrisseto
reviewed
Mar 10, 2025
alenkacz
reviewed
Mar 11, 2025
Contributor
alenkacz
left a comment
alenkacz
left a comment
There was a problem hiding this comment.
Chris made very good comments 👌 I like the direction
| // of concrete values, references to external secrets (which are expanded at this point), or references | ||
| // to values in environment variables. The last should be injected into the environment of the container | ||
| // by appropriate EnvVar entries. | ||
| func ExpandValueForTemplate(v vectorizedv1alpha1.ClusterConfigValue) (vectorizedv1alpha1.YamlRepresentation, error) { |
Contributor
There was a problem hiding this comment.
really cool and clean 👍 nice job
jan-g
force-pushed
the
v1-cluster-config
branch
10 times, most recently
from
00174e9 to
6b056e1
Compare
Contributor
Author
|
One last bit to take care of: the older GlobalConfiguration.ClusterConfiguration really isn't enough to determine whether the live admin api should be poked. We'll use the template file for the moment, then replace all the drift controller etc. with a periodic reassertion of state. |
ClusterConfiguration values can either be concrete ones, or references - either to k8s resources (such as ConfigMap or Secret) or an external secret. Concrete items are represented as strings - the attribute in a CR should have the yaml representation of the raw value. This permits us to inject it verbatim into a reconstituted `.bootstrap.yaml` file, and (with the aid of a schema from a running Redpanda cluster) turn the representation into concrete values without loss of fidelity. We use json encoding to construct these, and yaml decoding (which is a little more flexible in what it'll accept) to decode them.
jan-g
force-pushed
the
v1-cluster-config
branch
from
310a73d to
707589f
Compare
Contributor
Author
|
The GlobalConfiguration api is still a mess - it's used as an open structure by a lot of code, and we need (for the moment) to be backwards-compatible with the way config was initially processed. To follow on from this (but not in this PR):
|
chrisseto
approved these changes
Mar 20, 2025
Contributor
chrisseto
left a comment
chrisseto
left a comment
There was a problem hiding this comment.
Nothing blocking, nits are nice to haves and/or can be handled later 
| // throughout. The octet sequence of a Representation will be inserted into a bootstrap template | ||
| // verbatim. | ||
| // TODO: this type should be lifted to a shared module rather than duplicated in the `redpanda` CRD definition. | ||
| type ClusterConfigCRDValue struct { |
Contributor
There was a problem hiding this comment.
nit: Feels funky to include CRD in the name of a value that's included as part of a CRD. Hopefully the package name and/or some kubebuilder annotations are enough to showcase that this is part of a CRD.
Suggested change
| type ClusterConfigCRDValue struct { | |
| type ClusterConfigValue struct { |
Contributor
There was a problem hiding this comment.
OOC what is the expected behavior if all provided members are nil? If that's an invalid case could you add a TODO to add in CEL validation thereof?
jan-g
force-pushed
the
v1-cluster-config
branch
from
707589f to
16af764
Compare
This is ugly at the moment - the intention here is to add the bootstrap templating without too much change. We'll follow up with commits to remove swathes of the v1 operator behaviour - such as removing drift detection - after this has landed. There's additional behaviour in the `configure` subcommand, to template-expand environmant variables and/or external secrets. Internally, the operator uses the bootstrap template file to detemine whether reconfiguration should be applied. This is a short-term adjustment - it'll behave correctly on concrete values, but won't necessarily pick up external sources of values (such as config maps) changing. That's to come. The operator takes some care to not unnecessarily trigger a sts restart - if the sts has already been configured without a tempalted bootstrap, then the old behaviour will be preserved until such time as a restart would be required anyway.
Ensure the configuration is correctly stashed and updated. kuttl test for "ClusterConfiguration" external ref override Note: because this test causes an additional env var to be added to an initContainer, it'll cause a restart of the resulting statefulSet.
jan-g
force-pushed
the
v1-cluster-config
branch
from
16af764 to
c38ac41
Compare
jan-g
added a commit
that referenced
this pull request
Apr 2, 2025
* Add a type to the v1 model for the updated ClusterConfig ClusterConfiguration values can either be concrete ones, or references - either to k8s resources (such as ConfigMap or Secret) or an external secret. Concrete items are represented as strings - the attribute in a CR should have the yaml representation of the raw value. This permits us to inject it verbatim into a reconstituted `.bootstrap.yaml` file, and (with the aid of a schema from a running Redpanda cluster) turn the representation into concrete values without loss of fidelity. We use json encoding to construct these, and yaml decoding (which is a little more flexible in what it'll accept) to decode them. * Add the construction of a bootstrap template file This is ugly at the moment - the intention here is to add the bootstrap templating without too much change. We'll follow up with commits to remove swathes of the v1 operator behaviour - such as removing drift detection - after this has landed. There's additional behaviour in the `configure` subcommand, to template-expand environmant variables and/or external secrets. Internally, the operator uses the bootstrap template file to detemine whether reconfiguration should be applied. This is a short-term adjustment - it'll behave correctly on concrete values, but won't necessarily pick up external sources of values (such as config maps) changing. That's to come. The operator takes some care to not unnecessarily trigger a sts restart - if the sts has already been configured without a tempalted bootstrap, then the old behaviour will be preserved until such time as a restart would be required anyway. * kuttl test for "ClusterConfiguration" override Ensure the configuration is correctly stashed and updated. kuttl test for "ClusterConfiguration" external ref override Note: because this test causes an additional env var to be added to an initContainer, it'll cause a restart of the resulting statefulSet. (cherry picked from commit a6c0672)
jan-g
added a commit
that referenced
this pull request
Apr 2, 2025
* Add a type to the v1 model for the updated ClusterConfig ClusterConfiguration values can either be concrete ones, or references - either to k8s resources (such as ConfigMap or Secret) or an external secret. Concrete items are represented as strings - the attribute in a CR should have the yaml representation of the raw value. This permits us to inject it verbatim into a reconstituted `.bootstrap.yaml` file, and (with the aid of a schema from a running Redpanda cluster) turn the representation into concrete values without loss of fidelity. We use json encoding to construct these, and yaml decoding (which is a little more flexible in what it'll accept) to decode them. * Add the construction of a bootstrap template file This is ugly at the moment - the intention here is to add the bootstrap templating without too much change. We'll follow up with commits to remove swathes of the v1 operator behaviour - such as removing drift detection - after this has landed. There's additional behaviour in the `configure` subcommand, to template-expand environmant variables and/or external secrets. Internally, the operator uses the bootstrap template file to detemine whether reconfiguration should be applied. This is a short-term adjustment - it'll behave correctly on concrete values, but won't necessarily pick up external sources of values (such as config maps) changing. That's to come. The operator takes some care to not unnecessarily trigger a sts restart - if the sts has already been configured without a tempalted bootstrap, then the old behaviour will be preserved until such time as a restart would be required anyway. * kuttl test for "ClusterConfiguration" override Ensure the configuration is correctly stashed and updated. kuttl test for "ClusterConfiguration" external ref override Note: because this test causes an additional env var to be added to an initContainer, it'll cause a restart of the resulting statefulSet. (cherry picked from commit a6c0672)
Contributor
Author
💚 All backports created successfully
Note: Successful backport PRs will be merged automatically after passing CI. Questions ?Please refer to the Backport tool documentation |
RafalKorepta
pushed a commit
that referenced
this pull request
Apr 2, 2025
* Add a type to the v1 model for the updated ClusterConfig ClusterConfiguration values can either be concrete ones, or references - either to k8s resources (such as ConfigMap or Secret) or an external secret. Concrete items are represented as strings - the attribute in a CR should have the yaml representation of the raw value. This permits us to inject it verbatim into a reconstituted `.bootstrap.yaml` file, and (with the aid of a schema from a running Redpanda cluster) turn the representation into concrete values without loss of fidelity. We use json encoding to construct these, and yaml decoding (which is a little more flexible in what it'll accept) to decode them. * Add the construction of a bootstrap template file This is ugly at the moment - the intention here is to add the bootstrap templating without too much change. We'll follow up with commits to remove swathes of the v1 operator behaviour - such as removing drift detection - after this has landed. There's additional behaviour in the `configure` subcommand, to template-expand environmant variables and/or external secrets. Internally, the operator uses the bootstrap template file to detemine whether reconfiguration should be applied. This is a short-term adjustment - it'll behave correctly on concrete values, but won't necessarily pick up external sources of values (such as config maps) changing. That's to come. The operator takes some care to not unnecessarily trigger a sts restart - if the sts has already been configured without a tempalted bootstrap, then the old behaviour will be preserved until such time as a restart would be required anyway. * kuttl test for "ClusterConfiguration" override Ensure the configuration is correctly stashed and updated. kuttl test for "ClusterConfiguration" external ref override Note: because this test causes an additional env var to be added to an initContainer, it'll cause a restart of the resulting statefulSet. (cherry picked from commit a6c0672)
RafalKorepta
pushed a commit
that referenced
this pull request
Apr 2, 2025
* Add a type to the v1 model for the updated ClusterConfig ClusterConfiguration values can either be concrete ones, or references - either to k8s resources (such as ConfigMap or Secret) or an external secret. Concrete items are represented as strings - the attribute in a CR should have the yaml representation of the raw value. This permits us to inject it verbatim into a reconstituted `.bootstrap.yaml` file, and (with the aid of a schema from a running Redpanda cluster) turn the representation into concrete values without loss of fidelity. We use json encoding to construct these, and yaml decoding (which is a little more flexible in what it'll accept) to decode them. * Add the construction of a bootstrap template file This is ugly at the moment - the intention here is to add the bootstrap templating without too much change. We'll follow up with commits to remove swathes of the v1 operator behaviour - such as removing drift detection - after this has landed. There's additional behaviour in the `configure` subcommand, to template-expand environmant variables and/or external secrets. Internally, the operator uses the bootstrap template file to detemine whether reconfiguration should be applied. This is a short-term adjustment - it'll behave correctly on concrete values, but won't necessarily pick up external sources of values (such as config maps) changing. That's to come. The operator takes some care to not unnecessarily trigger a sts restart - if the sts has already been configured without a tempalted bootstrap, then the old behaviour will be preserved until such time as a restart would be required anyway. * kuttl test for "ClusterConfiguration" override Ensure the configuration is correctly stashed and updated. kuttl test for "ClusterConfiguration" external ref override Note: because this test causes an additional env var to be added to an initContainer, it'll cause a restart of the resulting statefulSet. (cherry picked from commit a6c0672)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This is a placeholder commit to get feedback before we go too far down that path - we'll add the CRD
definition once we get agreement on it.