Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: NonAdminBackup sync controller #138

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

mateusoliveira43
Copy link
Contributor

Why the changes were made

Fix #38

Blocked by #115

How to test the changes made

TODO

@mateusoliveira43
Copy link
Contributor Author

/hold

Copy link

openshift-ci bot commented Jan 9, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: mateusoliveira43

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@@ -89,6 +89,8 @@ func (r *NonAdminBackupReconciler) Reconcile(ctx context.Context, req ctrl.Reque
return ctrl.Result{}, err
}

_, syncBackup := nab.Labels["openshift.io/oadp-nab-synced-from-nacuuid"]
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this was my idea to differ NABs created by user and by sync controller: adding a label to object

what you think about this approach?

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That sounds like a proper design for that. Would use something from https://github.com/openshift/oadp-operator/blob/master/api/v1alpha1/oadp_types.go#L35 and we are using it in few places already in the constant.go

Possibly adding yet one label, but that would mean the object is managed by entirely and I think that may be not true, as once it's synced it's no longer managed by sync controller it's the user responsibility to do something with it like deletion:

app.kubernetes.io/managed-by: self-service-sync-controller

logger.Error(err, "Failed to get VeleroBackupStorageLocation")
return ctrl.Result{}, err
}
if backupStorageLocation == nil {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

one of the reasons I think sync controller should NOT be a separate controller. This check would not be necessary if it was part of NonAdminBackupStorageLocation controller

}

// // OPTION 1: copy how Velero does
// // PROBLEM: NAC Pod will not have Velero Pod files
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We would need to mount secret and plugins to NAC Pod to allow this approach, right?

I do not know how much work would that be

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think the sync controller should restore the NAB objects based on the Backup objects that are found in the OADP namespace (by default openshift-adp). I am not sure if the sync controller should really go into s3 BSLs itself?

I do not know why there is anything with secrets to be done, or I am missing something.

Once the BSL is in the OADP namespace the secret is also in that namespace and corresponds to the BSL and not the NABSL.

// ------------------------------------------------------------------------

// OPTION 2: compare BSLs specs
// PROBLEM: if user deletes NABSL, and them recreates it, velero backup will point to a BSL that does not exist
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would try this approach, but it is not perfect

We could document that there are limitations, if there no other options :(

}),
// ginkgo.Entry("Should check that NonAdminBackupStorageLocation update changes next sync time, then delete NonAdminBackupStorageLocation", nonAdminBackupStorageLocationFullReconcileScenario{}),
// ginkgo.Entry("Should sync only finished NonAdminBackups, then delete NonAdminBackupStorageLocation", nonAdminBackupStorageLocationFullReconcileScenario{}),
// ginkgo.Entry("Should sync only related NonAdminBackupStorageLocation NonAdminBackups, then delete NonAdminBackupStorageLocation", nonAdminBackupStorageLocationFullReconcileScenario{}),
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

test some cross cluster scenarios as well

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Add Non-Admin Backup Sync controller
2 participants