Re-render is not triggered on secret value change #8
Comments
|
Yeah, I've been meaning to do that before. It should be watching the Secret for changes. |
|
Given that the mounted secret may take some time to take effect, watching the secret only have value if the we have RBAC that allow the process to read the secret contents. Do you think this is a good approach or the file system approach is better despite the delay? I'm willing to open a PR for it. |
|
For me, I'd just exit the execution of asterisk-config and let kubernetes recreate the container with the updated Secret. That, then, would not require any special RBAC. That is, admittedly, somewhat ugly, since that will register a restart of the container. An optional RBAC for reading the Secret would be fine, to avoid the restart, but I wouldn't want it to be a mandatory default. Please feel free to PR, thanks! |
|
Did hack it real quick here the restart when the file changes. It works great. This also simplifies something: to deterministically re-render the config, we need to start from scratch: actually removing the current asterisk config from the exportDir, extract everything again and so on. I'll keep it like this for a while, but will attempt to implement the watcher later. Thanks for the hack idea. |
|
I've got an implementation, but I'm is struggling with the |
This allows the engine to be used to watch and retrieve data from binary secrets. The current secret implementation assumes that the value is a string and hence does not work with binary data. Besides the fact that this is a template engine and binary data make very little sense, this engine can be used as a generic k8s watcher. Related to CyCoreSystems/asterisk-config#8. Signed-off-by: Vinicius Ruoso <[email protected]>
The Asterisk config is provided by a kubernetes secret. We are adding support re-render the templates when a secret is updated. This allow us to react much faster to configuration changes. Closes CyCoreSystems#8. Signed-off-by: Vinicius Ruoso <[email protected]>
The Asterisk config is provided by a kubernetes secret. We are adding support re-render the templates when a secret is updated. This allow us to react much faster to configuration changes. Closes CyCoreSystems#8. Signed-off-by: Vinicius Ruoso <[email protected]>
The Asterisk config is provided by a kubernetes secret. We are adding support re-render the templates when a secret is updated. This allow us to react much faster to configuration changes. Closes CyCoreSystems#8. Signed-off-by: Vinicius Ruoso <[email protected]>
I went on the easier path: using |
The Asterisk config is provided by a kubernetes secret. We are adding support re-render the templates when a secret is updated. This allow us to react much faster to configuration changes. Closes CyCoreSystems#8. Signed-off-by: Vinicius Ruoso <[email protected]>
|
Yeah, I need to get off the ericciang/k8s client. Before the client was split from the kubernetes core, it was much faster and lighter weight. Now, there isn't really a need for it. I'll make another issue to handle that. |
|
Hey! Long time. Do you plan to have the PR merged or should we take another approach? |
The Asterisk config is provided by a kubernetes secret. We are adding support re-render the templates when a secret is updated. This allow us to react much faster to configuration changes. Closes CyCoreSystems#8. Signed-off-by: Vinicius Ruoso <[email protected]>
When changing the zip file in the secret that is mounted in the asterisk-config volume, it does not detect it and re-renders the template. This makes it hard to have dynamic configuration except from the already implemented reactivity based on the network changes.
Possible solutions:
The text was updated successfully, but these errors were encountered: