Add support to disable CAPZ components through a manager flag #5552
Conversation
k8s-ci-robot
added
release-note
k8s-ci-robot
added
the
size/S
|
/assign @nawazkh |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #5552 +/- ##
==========================================
- Coverage 53.27% 52.82% -0.45%
==========================================
Files 272 279 +7
Lines 29522 29629 +107
==========================================
- Hits 15727 15652 -75
- Misses 12980 13160 +180
- Partials 815 817 +2 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
This is incorrect. The ASOAPI feature gate only enables controllers for the AzureASOManagedControlPlane and the other AzureASO... resources. This ASO secret controller is necessary for all of the resource types that CAPZ manages with ASO, including resource groups and vnets which are created for every AzureCluster and AzureManagedControlPlane. I suspect that if you disable the ASOAPI feature gate in CI, then all of the e2e tests will blow up, not just the ones exercising the AzureASO... APIs. I think I mentioned somewhere, maybe in #5099 or in a Slack thread related to that PR, that a better solution to this general problem IMO would be a generic toggle to enable or disable individual controllers and webhooks with command line flags. Either something like that, or we explicitly disclaim all support for any installation that is not exactly equivalent to the CRDs and other manifests we publish for releases, since we generally assume the controller manager is running when all of the CRDs are installed. Changing the meaning of existing feature gates isn't a sustainable way to solve the general "I didn't install a CRD and now the controller manager is crashing" problem. |
I agree, fwiw created this some time ago to track that effort #5294 |
Thank you for adding more context on this Jon.
I agree also. We could start with updating manager.yaml with a bunch of env variables that enable different controllers and webhooks. So we essentially close out this PR @bryan-cox ? |
k8s-ci-robot
added
size/L
k8s-ci-robot
added
the
do-not-merge/work-in-progress
bryan-cox
changed the title
|
/test all |
|
/test all |
I like the idea of being able to toggle controllers, so green flag from me on this approach. However, we need to ensure that the Management cluster is functional despite turning off controller(maybe all in the future?), so maybe we also incorporate an e2e test to validate the functionality. @bryan-cox , what do you say ? |
|
Un-assigning myself for now since I won't be able to get to this immediately. |
k8s-ci-robot
added
size/L
|
Hey @willie-yao 👋🏻 - I made an issue to keep track of adding an e2e for the functionality introduced in this PR, #5744, as we discussed a few weeks ago in the CAPZ weekly sync. Please let me know if there is anything further I can do to help get this PR to merged. |
|
/test pull-cluster-api-provider-azure-e2e |
|
/retest |
There was a problem hiding this comment.
Sorry for the delay on this @bryan-cox! Just one minor nit from me, otherwise lgtm!
/approve
/hold for squash
api/v1beta1/types.go
Outdated
|
|
||
| // NOTE: when adding a new DisableComponent, please also add it to the ValidDisableableComponents map. | ||
| const ( | ||
| // DisableASOController disables the ASOSecretController from being deployed. |
There was a problem hiding this comment.
| // DisableASOController disables the ASOSecretController from being deployed. | |
| // DisableASOSecretController disables the ASOSecretController from being deployed. |
k8s-ci-robot
added
do-not-merge/hold
|
@willie-yao this should be ready for you again. I fixed the issue and squashed the commits. |
There was a problem hiding this comment.
/lgtm
/approve
/hold cancel
@bryan-cox Thanks for your hard work and patience on this!
k8s-ci-robot
added
lgtm
|
LGTM label has been added. Git tree hash: 6285739c96f72a1f0997d6fd71726c0eea7789cd
|
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: willie-yao The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/cherry-pick release-1.20 |
|
/cherry-pick release-1.19 |
|
@mboersma: new pull request created: #5758 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
@mboersma: new pull request created: #5759 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
What type of PR is this?
/kind bug
What this PR does / why we need it:
Adds the ability to disable CAPZ components through a manager flag. Flags added for disabling ASO Secret Controller and disabling Azure JSON Machine Controller.
Which issue(s) this PR fixes:
Fixes #5472
Special notes for your reviewer:
TODOs:
Release note: