GitopsClusters should only be Ready if ClusterConnected is Ready too #56
Conversation
sarataha
force-pushed
the
check-cluster-connected
branch
13 times, most recently
from
dc8757b to
785e72e
Compare
| @@ -230,6 +229,21 @@ func (r *GitopsClusterReconciler) Reconcile(ctx context.Context, req ctrl.Reques | |||
| return ctrl.Result{}, err | |||
| } | |||
|
|
|||
| // Cluster is ready only if it has a secret and is connected | |||
There was a problem hiding this comment.
I think we can simplify this, check for the Secret and check for Connectivity.
If they are both ok, then it's Ready...
Otherwise they are not ready, with an appropriate message
No ConnectivitySecret missingSecret missing and no connectivity
Something like this ?
There was a problem hiding this comment.
In case of secret missing, I think we return early on line 164. So I wonder how to return the message secret missing and no connectivity in this case? 🤔
sarataha
force-pushed
the
check-cluster-connected
branch
11 times, most recently
from
cf17717 to
499edca
Compare
…nected is Ready too
sarataha
force-pushed
the
check-cluster-connected
branch
from
499edca to
0efad4b
Compare
api/v1alpha1/condition_types.go
Outdated
| // ClusterNotConnectedReason signals that a given cluster is not connected. | ||
| ClusterNotConnectedReason string = "ClusterNotConnected" | ||
| // SecretMissingAndNoConnectivityReason signals that a given secret is missing and there is no connectivity to the cluster. | ||
| SecretMissingAndNoConnectivityReason string = "SecretMissingAndNoConnectivity" |
There was a problem hiding this comment.
I'm not sure this state us really valid, because if the secret is missing, you can't know whether or not connectivity is available?
| @@ -41,7 +45,4 @@ const ( | |||
| // ClusterProvisionedReason is the reason for the provisioned state being | |||
| // set. | |||
| ClusterProvisionedReason string = "ClusterProvisioned" | |||
|
|
|||
| // ClusterConnectivity indicates if the cluster has connectivity | |||
| ClusterConnectivity string = "ClusterConnectivity" | |||
There was a problem hiding this comment.
Do we need to remove this one?
I'm trying to think if we were to evolve this further in the future, if a cluster could be "not ready" but the connectivity could be true.
E.g. parts of the querying system in WGE currently watch this, we'd transition them over to Just "ready".
On the other hand if you can connect to a cluster then that is a pretty ready cluster.
There was a problem hiding this comment.
How would we test for connectivity without a secret?
There was a problem hiding this comment.
The request was to simplify the Ready state, so that it's either "ready" i.e. can be used or "not ready" can't be used.
There was a problem hiding this comment.
True, I guess part of the user story was perhaps:
- The cluster is Ready
- I can't see any resources in the UI
- This is confusing
So we want to change the UI querying to just use Ready.
In this case the "final" ready is state is now cluster connectivity. If we wanted to model something else like... (??), tenants haven't been configured yet so this cluster isn't technically ready yet. We'd use some other status type..
There was a problem hiding this comment.
Yes...
I think the original split was correct, to make it easier to differentiate, but the request from CX is to simplify it.
There's nothing to prevent a resource having several different Conditions, and the GitopsCluster does, it can be provisioned or not.
We need to differentiate these, because it could transit through provisioned quickly to another state, and the controller may never see it.
| @@ -128,105 +127,78 @@ func (r *GitopsClusterReconciler) Reconcile(ctx context.Context, req ctrl.Reques | |||
| } | |||
|
|
|||
| // examine DeletionTimestamp to determine if object is under deletion | |||
| if cluster.ObjectMeta.DeletionTimestamp.IsZero() { | |||
| if cluster.Spec.SecretRef != nil || cluster.Spec.CAPIClusterRef != nil { | |||
| updated := testGetGitopsCluster(t, r.Client, tt.obj) | ||
|
|
||
| if controllerutil.ContainsFinalizer(updated, controllers.GitOpsClusterFinalizer) { | ||
| result, err = r.Reconcile(context.TODO(), reconcile.Request{NamespacedName: tt.obj}) |
There was a problem hiding this comment.
Is TODO a good context to use or was it like a transitional one when context was initially introduced?
There was a problem hiding this comment.
(I was just searching the codebase for TODOs..)
There was a problem hiding this comment.
Yeah, this should probably be Background() but the differences are trivial in this case.
There was a problem hiding this comment.
TODO also suggests that the context doesn't really matter :-)
| e := fmt.Errorf("failed to get CAPI cluster %q: %w", name, err) | ||
| conditions.MarkFalse(cluster, meta.ReadyCondition, gitopsv1alpha1.WaitingForCAPIClusterReason, e.Error()) | ||
| var connectivityErr error | ||
| // TODO: We should check for connectivity with CAPI clusters |
There was a problem hiding this comment.
I guess we need to resolve this TODO?
There was a problem hiding this comment.
We didn't do this before.
I do think we should be checking for the connectivity tho'
There was a problem hiding this comment.
It looks like we might have been doing this before?
(and guessing the name of the capi-cluster-secret)
cluster-controller/controllers/gitopscluster_controller.go
Lines 463 to 466 in 5313780
| // avoid checking the cluster if it's under deletion. | ||
| if !cluster.ObjectMeta.DeletionTimestamp.IsZero() { | ||
| return nil | ||
| } |
There was a problem hiding this comment.
Interesting.. still okay to update Status while something is being deleted probably
There was a problem hiding this comment.
cluster-controller/controllers/gitopscluster_controller.go
Lines 129 to 132 in 5313780
It will return the result of reconciling the deletion.
i.e. it will return with a finalizer still in place if the secret hasn't been removed.
Closes: weaveworks/weave-gitops-enterprise#3200
PR to update reconciler to make GitopsCluster only ready when secret is found and cluster is connected condition is true.