Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable users to customize BTP Operator secret and configMap #901

Open
3 of 9 tasks
PK85 opened this issue Nov 19, 2024 · 5 comments
Open
3 of 9 tasks

Enable users to customize BTP Operator secret and configMap #901

PK85 opened this issue Nov 19, 2024 · 5 comments
Assignees
@jaroslaw-pieszka @szwedm @IwonaLanger @ukff
Labels
kind/feature Categorizes issue or PR as related to a new feature. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.

Comments

@PK85
Copy link
Contributor

PK85 commented Nov 19, 2024
edited by szwedm
Loading

Description

We will allow to modify and keep user modifications in the btp-manager-secret.

Reason

Users wants to migrate btp-operator resources and configurations from one k8s cluster into new Kyma cluster.

AC:

  • 1) support label on our btp manager secret sap-btp-manager to skip reconciliation. If secret deleted then reconciliation is back.
    • 1.1) In the BTP manager plutono add dashboard about number of skipped, and be able to see a list of ShootName from those skipped ones
  • 2) if sap-btp-manager secret is changed, immediately reconcile btp-operator
    • 2.1) CM modification is not visible to the btp-operator-controller pod. Only restart of the pod will load it again
    • 2.2) Secret sap-btp-operator-clusterid is always created and INITIAL_CLUSTER_ID from it is always in use. When pod will restart from 2.1 then btp-operator-controller will fail to start because CLUSTER_ID from CM != INITIAL_CLUSTER_ID from secret. panic: ClusterID changed, which is not supported. Please redeploy with --set cluster.id=test_cluster_id goroutine 1 [running]: main.main() /workspace/main.go:140 +0x1d65
    • 2.3) TODO in the BTP-Manager: if user changes CLUSTER_ID in the btp-manager-secret then BTP-Manager deletes a secret sap-btp-operator-clusterid, checks if CM: sap-btp-operator-config has new CLUSTER_ID set, restart sap-btp-operator-controller-manager-58fbb647ff-72ckx pods, checks if sap-btp-operator-clusterid is back with new INITIAL_CLUSTER_ID.
  • 3) E2E integration test
    Issue: End-to-end (e2e) integration test for customizing BTP Manager input secret #921
    PR: E2E BTP Manager secret customization test  #935
  • 4) docs
  • 5) RNs

Agreed label name:

  • kyma-project.io/skip-reconciliation: 'true'

NOTE!:
@PK85 PK85 added kind/feature Categorizes issue or PR as related to a new feature. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Nov 19, 2024
@ukff ukff self-assigned this Nov 27, 2024
@jaroslaw-pieszka jaroslaw-pieszka self-assigned this Nov 29, 2024
@PK85 PK85 mentioned this issue Dec 11, 2024
Closed
3 tasks
@IwonaLanger IwonaLanger self-assigned this Dec 12, 2024
This was referenced Dec 17, 2024
Merged
Merged
Merged
@IwonaLanger IwonaLanger mentioned this issue Dec 19, 2024
Open
@szwedm szwedm self-assigned this Dec 20, 2024
@szwedm
Copy link
Contributor

szwedm commented Dec 20, 2024

AC:
...

PR with the e2e test: #935

@szwedm
Copy link
Contributor

szwedm commented Dec 30, 2024

@ukff see the following code to understand management_namespace config:
https://github.com/SAP/sap-btp-service-operator/blob/cca53330710b7c662001ac10e35f91016c27887d/internal/config/config.go#L19
https://github.com/SAP/sap-btp-service-operator/blob/cca53330710b7c662001ac10e35f91016c27887d/internal/utils/sm_utils.go#L19

@ukff
Copy link
Contributor

ukff commented Jan 2, 2025
edited
Loading

User can modify sap-btp-manager Secret by updating following fields:
cluster_id, management_namespace, clientid, clientsecret, sm_url, tokenurl

If User will change cluster_id field in sap-btp-manager Secret, then btp-manager will force re-creation of sap-btp-operator-clusterid by deleting old one and restarting operator deployment sap-btp-operator-controller-manager. To newly created secret will be inserted value from sap-btp-manager Secret. Also value will be added/modified in sap-btp-operator-config ConfigMap.

If User will add/modify field management_namespace in sap-btp-manager Secret, then, sap-btp-service-operator Secret will be moved to corresponding namespace, if namespace is not present, it will be created
Also value will be added/modified in sap-btp-operator-config ConfigMap.

Values from sap-btp-manager secret ("clientid", "clientsecret", "sm_url", "tokenurl", "cluster_id") will be mapped to sap-btp-service-operator

Secret sap-btp-operator-clusterid is always in default namespace.

@szwedm
Copy link
Contributor

szwedm commented Jan 3, 2025

If User will change cluster_id field in sap-btp-manager Secret, then btp-manager will force re-creation of sap-btp-operator-clusterid by deleting old one and restarting operator deployment sap-btp-operator-controller-manager. To newly created secret will be inserted value from sap-btp-manager Secret. Also value will be added/modified in sap-btp-operator-config ConfigMap.

Are you sure about the order of resources handling and values insertion?

If User will add/modify field management_namespace in sap-btp-manager Secret, then, sap-btp-service-operator Secret will be moved to corresponding namespace, if namespace is not present, it will be created Also value will be added/modified in sap-btp-operator-config ConfigMap.

When management_namespace environment variable change will be visible in the controller in the pod?

Secret sap-btp-operator-clusterid is always in default namespace.

Which namespace is default namespace?

@jaroslaw-pieszka
Copy link
Contributor

Could you specify all the relevant keys (in secrets and in the config map)?

  MANAGEMENT_NAMESPACE: kyma-system
  RELEASE_NAMESPACE: kyma-system
  management_namespace: kuma-system

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jaroslaw-pieszka jaroslaw-pieszka

@szwedm szwedm

@IwonaLanger IwonaLanger

@ukff ukff

Labels
kind/feature Categorizes issue or PR as related to a new feature. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@PK85 @jaroslaw-pieszka @szwedm @IwonaLanger @ukff