[WIP] ✨ Add support for Ignition v3.x #9158
Conversation
k8s-ci-robot
added
do-not-merge/work-in-progress
k8s-ci-robot
added
size/XXL
|
Hi @bengentil. Thanks for your PR. I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
bengentil
force-pushed
the
ben/ignitionv3
branch
from
f90fa39 to
aac6da7
Compare
|
Hi @invidian, To follow the slack conversation we had, I pushed this PR so we can discuss the implementation in details. The PR is working but I have a few questions:
|
There was a problem hiding this comment.
Hey @bengentil, thanks for opening this PR, this is highly appreciated! To answer your questions:
I've added a new optional enum Transpiler and a ButaneConfig (similar to ContainerLinuxConfig), is this how you pictured the switch between clc & butane?
Not really, I explained that in more details in a comment.
The butane implementation is very similar to the clc implementation, I think some templating functions can be shared (defaultTemplateFuncMap, mountpointName, templateYAMLIndent, parseOwner) in maybe a third package, for the rest I think it's way simpler and readable to keep 2 separate implementation, what do you think?
There is naturally a lot in common indeed, so definitely putting common parts in one place would be great, although I do not treat it as a must have.
However, looking at
, I'm wondering if perhaps Butane does not allow us to translate more features of cloudconfig into Ignition, which would introduce some differences between Butane and CLC. This is perhaps something we could look at.Overall PR looks in a good shape to me, it's great to see it finally happening. Once it lands, perhaps Flatcar templates can be updated to use it so we can gradually phase out CLC and also Infra providers will be able to add support for FCOS.
| // Ignition version, Default to clc | ||
| // +kubebuilder:validation:Enum=clc;butane | ||
| // +optional | ||
| Transpiler string `json:"transpiler,omitempty"` |
There was a problem hiding this comment.
Do we really need this field? Can't we just validate that only one of ContainerLinuxConfig and ButaneConfig is not nil at a time?
There was a problem hiding this comment.
I think this is required for OS who doesn't support both implementation (v2.x only like Flatcar LTS, v3.x only like FCOS)
Relying on ContainerLinuxConfig and ButaneConfig being not nil is not sufficient as both can be nil (eg. I want to install FCOS with no additional config)
There was a problem hiding this comment.
We can also make one of them required in Ignition type then, so user have to choose? We might also want to document that Butane supports generating Ignition v3 while CLC only v2.
IMO it boils down to: clc: {}/butane: {} vs transpiler: clc/transpiler: bunane, but for me the latter makes API more complex as there are 2 knobs for controlling one thing and it creates a matrix of additional bad configurations e.g. transpiler: clc with butane: {} in addition to existing scenarios like butane: {} and clc: {}, which we cannot avoid (they are essential).
There was a problem hiding this comment.
I understand you point but what I propose is basically the same as we have in KubeadmConfigSpec:
- a field
Formatto switch between "cloud-init" and "ignition" - a field
Ignitionused to pass optional ignition configs only whenFormatis explicitly set to "ignition"
Knowing that the Ignition field is optional, making one of clcConfig/butaneConfig required would means any existing declaration without additional config would have to add:
ignition:
clcConfig: {}
(or clc if the field is renamed)
And when ignition v2.x is phased out from flatcar, a new change would be required to:
ignition:
butaneConfig: {}
I'm not sure this is a good UX, what I proposed initially was an enum version field to be self-explanatory about the Ignition version the user want (and let the implementation decide the correct transpiler to call), I changed it to a transpiler field to be consistent with the clcConfig and butaneConfig fields but the long-term logic is the same:
- first we introduce a new optional transpiler, so any user who want to start using Ignition v3 can (no impact on existing manifests)
- once Flatcar LTS updates to Ignition v3, butane becomes the default transpiler (when declared, additionalConfig must be moved from clcConfig to butaneConfig in a variant/version supported by butane or the
transpilerfield should be explicitly set to clc) - at some point, clc implementation is phased out
There was a problem hiding this comment.
That's a good point, I didn't think about the backward compatibility initially. So how about still picking CLC as a default if both clcConfig and butaneConfig are nil? This remains backward compatible and users which needs Ignition v3 can specify butaneConfig: {}.
It does however make selection of Ignition version kind of ambiguous, which I'm not a fan of. Having an enum for Ignition version with v2 default for the time being and v3 as a new option as you originally suggested does make sense in this case. So for users without additional configuration, we would use CLC as a default transpiler for v2 and Butane for v3, but that would be an implementation detail. I also wonder if it make sense to support full versions like 2.3.0 or we could get away with just v2/v3 distinction for the time being.
At the same time, requesting Ignition v3 with CLC configuration would result in an error, as CLC is not capable of producing it. The similar validation would need to be added for Butane.
It would be good for someone else to tip in, maybe @pothos or @jepio could have a look with their critical eye :) And definitely someone from CAPI maintainers.
|
|
||
| const ( | ||
| butaneTemplate = `--- | ||
| variant: flatcar |
There was a problem hiding this comment.
I don't think this should be hardcoded here. Perhaps it should be an API field?
There was a problem hiding this comment.
This is the variant & version of the static template only, the additionalConfig must specify it's own variant/version, both are translated to ignition v3.4.0 and the merge is done in ignition v3.4.0.
There was a problem hiding this comment.
That seem counter-intuitive, as additionalConfig name suggests it's optional and so is the API semantics for this field. How do we require it right now? Shouldn't we require this information from user and use it then for both base template and additional config?
There was a problem hiding this comment.
additionalConfig is still optional, the variant/version is required by butane when additionalConfig is not nil to transpile it to Ignition v3.4.0.
This version doesn't have to be the same as the one used in the static template as the merge is done in Ignition v3.4.0, so a user can add an additionalConfig in any variant/version they want (as long as the couple can be transpiled to Ignition v3.4.0)
We could add a default variant/version if none is specified as it would work in most cases.
There was a problem hiding this comment.
I understand that, but if user specifies no additionalConfig, why should they be forced to use flatcar variant in this case? What if this variant is not compatible with their OS?
| const ( | ||
| butaneTemplate = `--- | ||
| variant: flatcar | ||
| version: 1.1.0 |
There was a problem hiding this comment.
Should this be an API field as well?
| if ignitionConfig != nil && ignitionConfig.Transpiler == "butane" { | ||
| butaneConfig := &bootstrapv1.ButaneConfig{} | ||
| if ignitionConfig.ButaneConfig != nil { | ||
| butaneConfig = ignitionConfig.ButaneConfig | ||
| } | ||
| return butane.Render(input, butaneConfig, kubeadmConfig) | ||
| } | ||
| return clc.Render(input, clcConfig, kubeadmConfig) |
There was a problem hiding this comment.
What if user specifies both ignitionConfig and butaneConfig at the same time? IMO it's a bad configuration, as it contains no-op parts and should return an error to the user.
I think we should add additional validation to
to only accept one configuration format at a time and here simply do something like:| if ignitionConfig != nil && ignitionConfig.Transpiler == "butane" { | |
| butaneConfig := &bootstrapv1.ButaneConfig{} | |
| if ignitionConfig.ButaneConfig != nil { | |
| butaneConfig = ignitionConfig.ButaneConfig | |
| } | |
| return butane.Render(input, butaneConfig, kubeadmConfig) | |
| } | |
| return clc.Render(input, clcConfig, kubeadmConfig) | |
| if ignitionConfig.ButaneConfig != nil { | |
| return butane.Render(input, ignitionConfig.ButaneConfig, kubeadmConfig) | |
| } | |
| return clc.Render(input, clcConfig, kubeadmConfig) |
|
/ok-to-test |
k8s-ci-robot
added
ok-to-test
bengentil
force-pushed
the
ben/ignitionv3
branch
from
aac6da7 to
5642eb9
Compare
bengentil
force-pushed
the
ben/ignitionv3
branch
from
5642eb9 to
7ffba84
Compare
|
If I remember well when we implemented ingition we agreed that this was a temporary solution, while a more long-term solution for machine/node bootstrap should be worked out in order to avoid CABPK becoming unmaintainable, its API exploding, the main CAPI repo to pull too many dependency. I think we should revive this discussion before moving forward with this PR, before adding complexity on top of a situation that we know already not ideal cc @vincepri @CecileRobertMichon @enxebre @sbueringer @killianmuldoon @invidian @dongsupark @johananl |
|
Yes @fabriziopandini, I think this is the relevant issue: #5294 |
k8s-ci-robot
added
the
needs-rebase
|
PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
The Kubernetes project currently lacks enough contributors to adequately respond to all PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
k8s-ci-robot
added
the
lifecycle/stale
|
IMO we can freeze/close this PR for now. #5294 is WIP and AFAICT we can't advance this PR until that design proposal is settled. |
|
@fabriziopandini @johananl @invidian @bengentil Ignition v2 has long standing issues as today, given that these APIs are still behind a feature gate, I can see why adding support for v3 going forward would be beneficial. That said, I'd personally like to see a more cohesive approach to Ignition support within Cluster API, on the Machine object specifically. |
Yes, this is one of the core areas we're trying to address in #5294. I'm definitely taking that into account in my WIP design proposal. I'll share a draft as soon as I can. |
|
@bengentil: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
|
The Kubernetes project currently lacks enough active contributors to adequately respond to all PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle rotten |
k8s-ci-robot
added
lifecycle/rotten
|
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /close |
|
@k8s-triage-robot: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/reopen |
|
@bengentil: Reopened this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
This PR is currently missing an area label, which is used to identify the modified component when generating release notes. Area labels can be added by org members by writing Please see the labels list for possible areas. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /close |
|
@k8s-triage-robot: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/reopen |
|
@bengentil: Reopened this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
What is the current status of this PR? I'm not sure what the next steps are to make progress with this PR/topic. |
|
I'm personally -1 to keep this PR open. |
|
Based on the latest discussion in the community I'm aware of about this topic, we should wait for progress on #5294 first, but feel free to bring it up again in the office hours given that some time is passed now and folks might have different opinions /close |
|
@fabriziopandini: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
Just for context, #5294 touches some very basic assumptions in the CAPI design and it will therefore likely take some time to agree on the design and finish the implementation. |
What this PR does / why we need it:
Implements Ignition v3.x
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):Fixes #9157