Overlaysync controller and inputmirror CRD #547
Conversation
CreateOrUpdate only persists spec changes, not status changes. Status must be updated separately via the status subresource.
api/v1/inputmirror.go
Outdated
| Items []InputMirror `json:"items"` | ||
| } | ||
|
|
||
| // InputMirror stores a copy of a resource from an overlay cluster. |
There was a problem hiding this comment.
Let's redact any concept of overlay since that's an internal concept and this is OSS
|
|
||
| // getOrCreateOverlayClient gets a cached overlay client or creates a new one. | ||
| // Security: Credentials are never logged, client has timeouts, cache invalidates on rotation. | ||
| func (c *Controller) getOrCreateOverlayClient(ctx context.Context, symphony *apiv1.Symphony) (client.Client, error) { |
There was a problem hiding this comment.
If this controller ran in the eno-reconciler process, it would already have both clients available. I'm not sure if that would make sense overall but I suspect it's worth investigating
There was a problem hiding this comment.
Was thinking to migrate to have controller run with watches / informers rather than relying on polling, will see what this looks like in the eno-reconciler
api/v1/symphony.go
Outdated
| // When set, the OverlaySyncController will use these credentials to sync | ||
| // resources specified in OverlayResourceRefs. | ||
| // +optional | ||
| OverlayCredentials *OverlayCredentials `json:"overlayCredentials,omitempty"` |
There was a problem hiding this comment.
See my other comment on the controller. It would be nice to remove this for simplicity
| // +kubebuilder:printcolumn:name="Source",type=string,JSONPath=`.spec.sourceResource.name` | ||
| // +kubebuilder:printcolumn:name="Synced",type=string,JSONPath=`.status.conditions[?(@.type=="Synced")].status` | ||
| // +kubebuilder:printcolumn:name="Age",type=date,JSONPath=`.metadata.creationTimestamp` | ||
| type InputMirror struct { |
There was a problem hiding this comment.
How often do you think these values will change? I'm wondering if we could keep the API simple by configuring a static list of mirrors per eno-reconciler process in a static config file.
controller for syncing resources from another cluster, and a CRD for sync-able resources.
Design for a representative synth leveraging this is here, implementation is in /ci/ama-metrics-ccp:
https://msazure.visualstudio.com/CloudNativeCompute/_git/aks-operator/pullrequest/14226045?_a=files&path=/ci/ama-metrics-ccp/design/overlay-input-sync.md