Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Skip PVCs with key rotation annotation when SC is changed #637

Closed
wants to merge 1 commit into from
Closed

Skip PVCs with key rotation annotation when SC is changed #637

wants to merge 1 commit into from

Conversation

black-dragon74
Copy link
Member

Existing PVCs with keyoration annotation are enqueued when a SC object is modified.

This patch skips reconcile of such PVCs

Closes: #636

Rakshith-R
Rakshith-R reviewed Aug 7, 2024
View reviewed changes
internal/controller/csiaddons/persistentvolumeclaim_controller.go
@@ -317,6 +318,9 @@ func (r *PersistentVolumeClaimReconciler) storageClassEventHandler() handler.Eve
if _, ok := pvc.GetAnnotations()[rsCronJobScheduleTimeAnnotation]; ok {
continue
}
if _, ok := pvc.GetAnnotations()[krcJobScheduleTimeAnnotation]; ok {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What if

  • A storageclass already has rsCronJob annotation
  • PVCs already have rsCronJob annotation
  • krcJob annotation is added to that same storageclass

I think we need a more elaborate check here which also considers annotations on chnaged storageclass.

@nixpanic
Copy link
Collaborator

nixpanic commented Aug 7, 2024

I think the following does not result in the expected annotation:

  1. a StorageClass has the annotation added
  2. a PVC gets the annotation because of (1)
  3. the annotation in the StorageClass is updated
  4. the PVC will not get an updated annotation

It would be expected that the PVC in step (4) will get the updated annotation too.

You could add an annotation like keyrotation.csiaddons.openshift.io/managed-by: storageclass/name-of-the-class and use that while checking if the annotation needs updating. It would need to take priority of the source of the annotation into account too, as the annotation set on the Namespace should override it.

@black-dragon74
Copy link
Member Author

black-dragon74 commented Aug 8, 2024
edited
Loading

Looking at the edge cases, what if we do not skip the reconcile here and delegate the decision to the predicate functions? We have predicates in place for both SC and PVCs that only reconcile when the value of the relevant annotations has been updated.

@iPraveenParihar WDYT?

@iPraveenParihar
Copy link
Member

I think the following does not result in the expected annotation:

  1. a StorageClass has the annotation added
  2. a PVC gets the annotation because of (1)
  3. the annotation in the StorageClass is updated
  4. the PVC will not get an updated annotation

It would be expected that the PVC in step (4) will get the updated annotation too.

You could add an annotation like keyrotation.csiaddons.openshift.io/managed-by: storageclass/name-of-the-class and use that while checking if the annotation needs updating. It would need to take priority of the source of the annotation into account too, as the annotation set on the Namespace should override it.

I've been working on a similar approach for ReclaimSpace #626. I've been occupied with other priority tasks, but I'll get back to it as soon as I have some time.

Looking at the edge cases, what if we do not skip the reconcile here and delegate the decision to the predicate functions? We have predicates in place for both SC and PVCs that only reconcile when the value of the relevant annotations has been updated.

@iPraveenParihar WDYT?

@black-dragon74, from SC predicate you can't enqueue PV reconcile requests.

@black-dragon74
Copy link
Member Author

@black-dragon74, from SC predicate you can't enqueue PV reconcile requests.

Yes. I get that. But predicate is run before the reconcile happens, no?

@Madhu-1
Copy link
Member

Madhu-1 commented Aug 15, 2024

@black-dragon74 Is this still required?

@black-dragon74
Copy link
Member Author

Closing this one, I will follow this up in another PR with a different approach.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Rakshith-R Rakshith-R Rakshith-R left review comments

@iPraveenParihar iPraveenParihar Awaiting requested review from iPraveenParihar

@Madhu-1 Madhu-1 Awaiting requested review from Madhu-1

@nixpanic nixpanic Awaiting requested review from nixpanic

@yati1998 yati1998 Awaiting requested review from yati1998

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Skip reconcile of PVCs with key rotation annotation
5 participants
@black-dragon74 @nixpanic @iPraveenParihar @Madhu-1 @Rakshith-R