restart manager when middleware change #732
Conversation
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: ldpliu The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
| var pgConnectionCache *postgres.PostgresConnection | ||
| var kafkaConnectionCache *kafka.KafkaConnection | ||
|
|
||
| const managerDeploymentName = "multicluster-global-hub-manager" |
There was a problem hiding this comment.
suggest to move it into constants.go file
| @@ -78,6 +89,12 @@ func (r *MulticlusterGlobalHubReconciler) reconcileManager(ctx context.Context, | |||
| replicas = 2 | |||
| } | |||
|
|
|||
| if isMiddleWareChanged(r.MiddlewareConfig) { | |||
There was a problem hiding this comment.
middleware is a word. let us make W as lower case
| @@ -151,6 +168,64 @@ func (r *MulticlusterGlobalHubReconciler) reconcileManager(ctx context.Context, | |||
| return nil | |||
| } | |||
|
|
|||
| func restartManagerPod(ctx context.Context, kubeClient kubernetes.Interface) error { | |||
There was a problem hiding this comment.
restart the pod will lose the logs. can we just restart the kafkaConsumer and kafkaProducer? I remembered gorm can handle it automatically @yanmxa is that true?
There was a problem hiding this comment.
@clyang82 @ldpliu Sorry for not replying in time.
- The gorm can't reload/reconnect the credential automatically for now.
- I had several ideas for propagating the middleware credentials, and before we choose the restarting manager, There are the following options we should consider(both of them don't need to restart the pod/manager):
- The operator calls the non-k8s API of the manager to update their credential. Then the manager rebuilds the connection to these middlewares.
As far as I know, a lot of services provide a refreshToken API dedicated to updating the expired credentials. So I think we can prioritize this approach. - The global hub manager watches the credentials of these middlewares, and rebuild the connections in the controller.
- The operator calls the non-k8s API of the manager to update their credential. Then the manager rebuilds the connection to these middlewares.
Signed-off-by: ldpliu <[email protected]>
ldpliu
force-pushed
the
fix-secret-change
branch
from
254cadd to
b17fd11
Compare
|
/test sonarcloud |
|
Kudos, SonarCloud Quality Gate passed! |
|
/test test-e2e |
|
@ldpliu: The following test failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
https://issues.redhat.com/browse/ACM-7489