THREESCALE-10842 Preflights checks#948
Merged
MStokluska merged 12 commits into3scale:masterfrom Mar 28, 2024
Merged
Conversation
Contributor
carlkyrillos
left a comment
carlkyrillos
left a comment
There was a problem hiding this comment.
Left some comments but nothing major. Overall the code looks good to me and I completed all of the verification scenarios.
MStokluska
commented
Mar 18, 2024
MStokluska
commented
Mar 19, 2024
MStokluska
force-pushed
the
THREESCALE-10842
branch
from
21076cd to
4834618
Compare
MStokluska
force-pushed
the
THREESCALE-10842
branch
from
4834618 to
cefc766
Compare
MStokluska
changed the title
Contributor
carlkyrillos
left a comment
carlkyrillos
left a comment
There was a problem hiding this comment.
@MStokluska I left a few comments and performed the following four scenarios:
- Scenario 3 (MySQL) single namespace scope
- Scenario 4 (PostgreSQL) target namespace scope
- Scenario 7 (PostgreSQL) cluster namespace scope
- Scenario 8 (PostgreSQL) single namespace scope
They all worked except for Scenario 4 when done in target namespace mode (but it did work in single namespace mode). For background, I installed the operator to a namespace threescale-operator and updated the CSV to set the WATCH_NAMESPACE env var in the Deployment to threescale. I then created the APIManager in the namespace threescale but the operator logs were filled with RBAC errors and the APIManager wasn't reconciled.
carlkyrillos
approved these changes
Mar 27, 2024
Contributor
carlkyrillos
left a comment
carlkyrillos
left a comment
There was a problem hiding this comment.
Left some comments about unused constants but feel free to ignore.
/lgtm
Contributor
|
/test test-e2e |
1 similar comment
Contributor
Author
|
/test test-e2e |
Contributor
|
/lgtm |
MStokluska
force-pushed
the
THREESCALE-10842
branch
from
46d226c to
c640283
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Jira: https://issues.redhat.com/browse/THREESCALE-10842
What it does
The PR proposes the implementation of preflight checks for the 3scale Operator.
The goal of preflight checks is to:
Prevent fresh installations if external databases are used and their versions do not match versions required by 3scale
Prevent forced upgrades (forced upgrades being when an existing operator is uninstalled and a new version [next minor version] is applied) when database versions required are not present
Prevent possibility of having OLM progressing to a version that the requirements of database versions have not been met.
For example, Running 2.14 with Redis 6. 2.15 requires Redis 6.2. I've approved 2.15. It will get installed but won't reconcile [3scale instance will be unaffected and still using 2.14] until I fix the Redis version.
Another example, if on 2.15 and it requires Postgres 10, when I approve they upgrade to 2.16 (which requires Postgres 13) the upgrade won't proceed until I bump the version of Postgres. However, the difference this time is that the operator will keep reconciling 2.15 APIM changes as usual, BUT, only proceed with the upgrade once 2.16 requirements are met
More scenarios and verification steps are available in the Jira comments document link (due to the size of possible scenarios, a Word doc was used instead of steps here)
How it works
The requirements are set on the CSV. The new subscription controller watches the operator's subscription and discovers the latest CSV approved by OLM. It then reads the requirements from CSV annotations and creates config map with it.
APIManager controller is triggered on config map creation, it first checks if the config map is present at all, if not, it will requeue since the the config map presence is a must for it to continue (cm will be created even if no requiremets are set [empty values = no requirements])
Once the requirements config map is created, the requirements checks are performed, and the controller response is different based on different scenarios (more info in the doc linked in Jira). If requirements are confirmed, the APIM instance gets annotated with resource version of config map so that as long as resource version of config map isn't changed, the preflight isn't re run.
Subscription controller also controlls the state of the operator condition CR.
Operator Condition CR is used to prevent upgrades at the OLM level, even if the upgrade is approved by the user. 3scale Operator always blocks upgrades apart from situations when upgrade requirements are met.
Tweaks to be done and things to be considered: