Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refactor: Remove Redundancy and duplication, check for same naming pattern on Kustomize #1721

Merged
merged 22 commits into from
Aug 6, 2024
Merged

refactor: Remove Redundancy and duplication, check for same naming pattern on Kustomize #1721

merged 22 commits into from
Aug 6, 2024

Conversation

jeremyharisch
Copy link
Contributor

@jeremyharisch jeremyharisch commented Jul 25, 2024
edited
Loading

Description

Changes proposed in this pull request:

  • Removing the term manager from the kustomize setup, since it is duplicated. I.e. klm-controller-manager-role which reads as kyma-lifecycle-manager-controller-manager-role, or in default profile lifecycle-manager-manager-role. Use only controller instead
  • Make sure everything has klm- prefix in control-plane setup
  • Align the resources to the following format <prefix>-<resource type>-<details>
    • klm-leader-election-roleklm-controller-role-leader-election
    • klm-manager-controler-roleklm-controller-role
    • ...
  • Removing manifest-role and use kubebuilder rbac generator as done for other resoruces - to get rid of roles created by ahdn use use kubebuilder framwork as much as possible
  • Adapt E2E Test
Old resources

default

kcp-system
---
kymas.operator.kyma-project.io
---
manifests.operator.kyma-project.io
---
moduletemplates.operator.kyma-project.io
---
watchers.operator.kyma-project.io
---
lifecycle-manager-controller-manager
---
lifecycle-manager-leader-election-role
---
lifecycle-manager-manager-role
---
lifecycle-manager-manager-role-crd
---
lifecycle-manager-manager-role-manifest
---
lifecycle-manager-metrics-reader
---
lifecycle-manager-leader-election-rolebinding
---
lifecycle-manager-manager-rolebinding
---
lifecycle-manager-manager-rolebinding-crd
---
lifecycle-manager-manager-rolebinding-manifest
---
lifecycle-manager-metrics-rolebinding
---
lifecycle-manager-metrics-service
---
lifecycle-manager-webhook-service
---
lifecycle-manager-controller-manager
---
lifecycle-manager-serving-cert
---
lifecycle-manager-selfsigned-issuer
---
lifecycle-manager-validating-webhook-configuration

control-plane profile

kymas.operator.kyma-project.io
---
manifests.operator.kyma-project.io
---
moduletemplates.operator.kyma-project.io
---
watchers.operator.kyma-project.io
---
klm-controller-manager
---
klm-leader-election-role
---
klm-manager-role
---
klm-manager-role-crd
---
klm-manager-role-manifest
---
klm-metrics-reader
---
klm-manager-rolebinding-istio-system
---
klm-leader-election-rolebinding
---
klm-manager-rolebinding-kcp-system
---
klm-manager-rolebinding-manifest
---
klm-manager-rolebinding-kyma-system
---
klm-metrics-rolebinding
---
klm-manager-rolebinding-crd
---
klm-dashboard-mandatory-modules
---
klm-dashboard-overview
---
klm-dashboard-status
---
klm-dashboard-watcher
---
klm-event-service
---
klm-metrics-service
---
klm-webhook-service
---
klm-controller-manager
---
klm-watcher-serving-cert
---
klm-serving-cert
---
klm-watcher-selfsigned-cluster-issuer
---
klm-watcher-selfsigned-issuer
---
klm-selfsigned-issuer
---
klm-controller-manager-metrics-monitor
---
klm-watcher-gateway
---
klm-kyma-watcher
---
klm-controller-manager
---
klm-validating-webhook-configuration
New Resources

default

kcp-system
---
kymas.operator.kyma-project.io
---
manifests.operator.kyma-project.io
---
moduletemplates.operator.kyma-project.io
---
watchers.operator.kyma-project.io
---
lifecycle-manager-controller
---
lifecycle-manager-controller-role-leader-election
---
lifecycle-manager-controller-role
---
lifecycle-manager-controller-role-crd
---
lifecycle-manager-controller-role-metrics
---
lifecycle-manager-controller-rolebinding-leader-election
---
lifecycle-manager-controller-rolebinding-crd
---
lifecycle-manager-controller-rolebinding-metrics
---
lifecycle-manager-manager-rolebinding
---
lifecycle-manager-metrics-service
---
lifecycle-manager-webhook-service
---
lifecycle-manager-controller
---
lifecycle-manager-serving-cert
---
lifecycle-manager-selfsigned-issuer
---
lifecycle-manager-validating-webhook-configuration

control plane

kymas.operator.kyma-project.io
---
manifests.operator.kyma-project.io
---
moduletemplates.operator.kyma-project.io
---
watchers.operator.kyma-project.io
---
klm-controller
---
klm-controller-role-leader-election
---
klm-controller-role
---
klm-controller-role-crd
---
klm-controller-role-metrics
---
klm-controller-rolebinding-istio-system
---
klm-controller-rolebinding-kcp-system
---
klm-controller-rolebinding-leader-election
---
klm-controller-rolebinding-kyma-system
---
klm-controller-rolebinding-metrics
---
klm-controller-rolebinding-crd
---
klm-dashboard-mandatory-modules
---
klm-dashboard-overview
---
klm-dashboard-status
---
klm-dashboard-watcher
---
klm-event-service
---
klm-metrics-service
---
klm-webhook-service
---
klm-controller
---
klm-watcher-serving-cert
---
klm-serving-cert
---
klm-watcher-selfsigned-cluster-issuer
---
klm-watcher-selfsigned-issuer
---
klm-selfsigned-issuer
---
klm-controller-metrics-monitor
---
klm-watcher-gateway
---
klm-kyma-watcher
---
klm-controller
---
klm-validating-webhook-configuration

Related issue(s)

@jeremyharisch jeremyharisch requested review from a team as code owners July 25, 2024 15:32
@kyma-bot kyma-bot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. cla: yes Indicates the PR's author has signed the CLA. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Jul 25, 2024
@jeremyharisch jeremyharisch changed the title WIP: Remove Redundancy and duplication, check for same naming pattern refactor: Remove Redundancy and duplication, check for same naming pattern on Kustomize Jul 26, 2024
@kyma-bot kyma-bot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Jul 26, 2024
@jeremyharisch jeremyharisch linked an issue Jul 26, 2024 that may be closed by this pull request
Align resource names and make it consistent between kustomize and helm #1612
Closed
7 tasks
c-pius
c-pius reviewed Jul 29, 2024
View reviewed changes
Copy link
Contributor

@c-pius c-pius left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Questions:

  • "controller-manager" term is the default by kubebuilder ("The Manager is an executable that wraps one or more Controllers") and seems to be common within K8s (e.g., kube-controller-manager). Should we keep this as such therefore?
  • is there a specific reason why we use "lifecycle-manager" prefix local and "kcp" prefix for control-plane? Why not use the same prefix?
  • we still have a inconsistency in that we sometimes include the type, e.g., for bindings, services, certs, ..., but sometimes we also omit it, e.g., for deployment, service account, configmap, ... We also use "role" for both Role and ClusterRole, same with rolebinding for Rolebinding and ClusterRoleBinding. Do we even need to include the type in the name? What is our use case for including it?

config/manager/kustomization.yaml Outdated Show resolved Hide resolved
@c-pius
Copy link
Contributor

c-pius commented Jul 29, 2024
edited
Loading

How about trying to get to something like the following:

  • all KLM-related components using the klm prefix
  • controller-manager is the name of the deployment (the manager wrapping our KLM controllers)
    • everything directly related to the controller-manager deployment includes this in the name
  • all KLM components not directly related the controller-manager dpeloyment don't use this infix or rather one of the thing they are related to (e.g., the dashboards have no infix, watcher-related things have watcher infix, ...)
  • rolebindings may include namespace suffix for deduplication
  • resource type not used as a suffix anymore
---
kymas.operator.kyma-project.io
CustomResourceDefinition
---
manifests.operator.kyma-project.io
CustomResourceDefinition
---
moduletemplates.operator.kyma-project.io
CustomResourceDefinition
---
watchers.operator.kyma-project.io
CustomResourceDefinition
---
# the service account for the controller-manager
klm-controller-manager
ServiceAccount
---
# permissions for the controller-manager to perform leader election
- klm-leader-election-role
+ klm-controller-manager-leader-election
Role
---
# base permissions for controller-manager to perform its tasks
- klm-manager-role
+ klm-controller-manager
ClusterRole
---
# additional permissions for controller-manager to perform tasks on CRDs
- klm-manager-role-crd
+ klm-controller-manager-crds
ClusterRole
---
# additional permissions for controller-manager to read from non-resource nedpoint /metrics
- klm-metrics-reader
+ klm-controller-manager-metrics
ClusterRole
---
# Permissions for KLM to read watcher's cert-manager-related resources
- klm-manager-role-istio-namespace
+ klm-controller-manager-watcher-certmanager
Role
---
# Permissions for KLM to read resources residing in the SKR
- manager-role-remote-namespace
+ klm-controller-manager-skr
Role
---
# binds the watcher's cert-manager-related resources role
- manager-rolebinding-istio-namespace
+ klm-controller-manager-watcher-certmanager
RoleBinding
---
# binds the SKR-realted resources role
- manager-rolebinding-remote-namespace
+ klm-controller-manager-skr
RoleBinding
---
# binds the leader election role to kcp-sytem namespace
- klm-leader-election-rolebinding
+ klm-controller-manager-leader-election
RoleBinding
---
# binds the base permissions for kcp-system namespace
# since kcp-sysem is the expected namespace, no additional suffix?
- klm-manager-rolebinding-kcp-system
+ klm-controller-manager
RoleBinding
---
# binds the metrics permissions for kcp-system namespace
- klm-metrics-rolebinding
+ klm-controller-manager-metrics
RoleBinding
---
# binds the CRD permissions
- klm-manager-rolebinding-crd
+ klm-controller-manager-crds
ClusterRoleBinding
---
# config defining a plutono dashboard
klm-dashboard-mandatory-modules
ConfigMap
---
# config defining a plutono dashboard
klm-dashboard-overview
ConfigMap
---
# config defining a plutono dashboard
klm-dashboard-status
ConfigMap
---
# config defining a plutono dashboard
klm-dashboard-watcher
ConfigMap
---
# service exposing events from the controller-manager
- klm-event-service
+ klm-controller-manager-events
Service
---
# service exposing metrics from the controller-manager
- klm-metrics-service
+ klm-controller-manager-metrics
Service
---
# service exposing the controller-manager's webhook 
- klm-webhook-service
+ ~~klm-controller-manager-webhook~~
+ klm-webhook-service
Service
---
# deployment wrapping the klm controllers
klm-controller-manager
Deployment
---
# serving cert for watcher
- klm-watcher-serving-cert
+ klm-watcher-serving
Certificate
---
# serving cert for controller-manager webhook
- klm-serving-cert
+ klm-controller-manager-webhook-serving
Certificate
---
# self signed cluster issuer for watcher
- klm-watcher-selfsigned-cluster-issuer
+ klm-watcher-selfsigned
ClusterIssuer
---
# self signed issuer for watcher
- klm-watcher-selfsigned-issuer
+ klm-watcher-selfsigned
Issuer
---
# self signed issues for controller-manager
- klm-selfsigned-issuer
+ klm-controller-manager-selfsigned
Issuer
---
# metrics monitor for controller-manager's metrics
- klm-controller-manager-metrics-monitor
+ klm-controller-manager-metrics
ServiceMonitor
---
# gateway for watcher
- klm-watcher-gateway
+ klm-watcher
Gateway
---
# watcher
- klm-kyma-watcher
+ klm-watcher
Watcher
---
klm-controller-manager
AuthorizationPolicy
---
- klm-validating-webhook-configuration
+ ~~klm-controller-manager~~
+ klm-validating-webhook-configuration
ValidatingWebhookConfiguration

TODOs

@c-pius c-pius force-pushed the refactorK8sResourceNames branch from 9b4de08 to 691dd32 Compare July 30, 2024 12:14
@c-pius c-pius removed their assignment Jul 30, 2024
@c-pius c-pius requested a review from ruanxin July 31, 2024 11:33
@ruanxin ruanxin requested a review from lindnerby August 1, 2024 07:34
@lindnerby lindnerby added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Aug 1, 2024
@c-pius c-pius assigned c-pius and unassigned lindnerby Aug 2, 2024
@c-pius
Copy link
Contributor

c-pius commented Aug 2, 2024

Renaming ready now. We are waiting for feedback from SRE before merging.

@kyma-bot kyma-bot added the lgtm Looks good to me! label Aug 6, 2024
@c-pius c-pius removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Aug 6, 2024
@kyma-bot kyma-bot merged commit a180040 into kyma-project:main Aug 6, 2024
37 checks passed
@ruanxin ruanxin mentioned this pull request Nov 11, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@c-pius c-pius c-pius left review comments

@lindnerby lindnerby lindnerby approved these changes

@ruanxin ruanxin Awaiting requested review from ruanxin

Assignees

@c-pius c-pius

@jeremyharisch jeremyharisch

Labels
cla: yes Indicates the PR's author has signed the CLA. lgtm Looks good to me! size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Align resource names and make it consistent between kustomize and helm
5 participants
@jeremyharisch @c-pius @ruanxin @lindnerby @kyma-bot