Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

KIM migration - KEB: Migrate from provisioner to Kyma Infrastructure Manager #791

Open
14 of 19 tasks
PK85 opened this issue Jun 3, 2024 · 4 comments
Open
14 of 19 tasks
Assignees
Labels
kind/enhancement Categorizes issue or PR as related to modifying or improving an existing feature

Comments

@PK85
Copy link

PK85 commented Jun 3, 2024

Acceptance Criteria

Phase 1: (driving system Provisioner for creation, Runtime CR spec is not passed to gardener, Runtime CR status is already present)

Expected result from phase 1:

Phase 2: (driving system KIM for creation, Provioner spec is not passed to gardener, Runtime CR status is already present)

  • 0) KEB preview is checking label on Runtime CR (old/new) and then check provisioner status if old, and Runtime CR if new one (on DEV preview works with KIM only, otehr plans create runtimeCR but usese provisioner, flag is taken into account)
  • 1) Preview plan check status from Runtime CR (maybe feature flag for Preview plan only that new hidden input parameter is availabe by which we can decide from where we check status)
  • 2) Frogs run migration, all existing SKRs will be represented by RuntimeCR too
  • 3) Enable preview implementation in all KEB plans with feature flag ON on DEV (stage and prod still OFF) - RuntimeCR is till in view mode only on KIM side

Expected result from phase 2:

  • by Runtime CR new label we can switch to KIM or/and revert to Provisioner and everything should work
  • recreating all Runtime CT by frogs tested
  • KIM became the driving system we can go to phase 3

Phase 3:

Expected result from phase 3:

  • KEB is using only Runitime CR
  • Provisioner is undeployed from all environmnets
@piotrmiskiewicz
Copy link
Member

Technical detail: Do not use InputCreator for creating Runtime CR. All information we need to create the CR we have in the Operationb and Provisioning Parameters.

@jaroslaw-pieszka jaroslaw-pieszka self-assigned this Jul 10, 2024
@PK85 PK85 added the kind/enhancement Categorizes issue or PR as related to modifying or improving an existing feature label Jul 17, 2024
@jaroslaw-pieszka
Copy link
Contributor

jaroslaw-pieszka commented Aug 13, 2024

@kyma-project/framefrog We need to clarify some fields (presence, values):

  • spec.shoot.provider.workers.name - described as optional, but required - what name should we provide, will we select workers group later on by name or index (assigning parameters to workers[0] or worker of specific name)
  • LicenceType - it is the CRD spec, do you use it, is it optional, should it be in the spec or should it be a label
  • Networking.Filter.Egress.Enabled - value based on LicenceType - is the value the same as ShootNetworkingFilterDisabled in provisioner contract?
  • euAccess - present in provisioner contract, not in Runtime CRD - should we add it as a label or should the spec be extended?
  • ExposureClassName- we passed it for sap-converged-cloud - should we somehow support it?
  • EnableKubernetesVersionAutoUpdate - was in the contract with provisioner - not used/forgotten?
  • EnableMachineImageVersionAutoUpdate - was in the contract with provisioner - not used/forgotten?

Provider specific fields (sent to provisioner):

  • Azure: VnetCidr,EnableNatGateway, IdleConnectionTimeoutMinutes)
  • AWS: VpcCidr, EnableIMDSv2
  • sap-converged-cloud: FloatingPoolName, CloudProfileName, LoadBalancerProvider

@piotrmiskiewicz
Copy link
Member

@kyma-project/framefrog I have a questions regarding a time of migration and the update.
Let's imagine a scenario:

  1. SKR is created using Provisioner.
  2. Migration to KIM is executed (runtime CR is created).
  3. The customer updates the SKR (for example changes the machine type)
  4. How KEB should know if the Provisioner should be called with an update mutation or not? Runtime CR will always be updated if exists.

@akgalwas
Copy link
Contributor

akgalwas commented Aug 14, 2024

@kyma-project/framefrog We need to clarify some fields (presence, values):

  • spec.shoot.provider.workers.name - described as optional, but required - what name should we provide, will we select workers group later on by name or index (assigning parameters to workers[0] or worker of specific name)
  • LicenceType - it is the CRD spec, do you use it, is it optional, should it be in the spec or should it be a label
  • Networking.Filter.Egress.Enabled - value based on LicenceType - is the value the same as ShootNetworkingFilterDisabled in provisioner contract?
  • euAccess - present in provisioner contract, not in Runtime CRD - should we add it as a label or should the spec be extended?
  • ExposureClassName- we passed it for sap-converged-cloud - should we somehow support it?
  • EnableKubernetesVersionAutoUpdate - was in the contract with provisioner - not used/forgotten?
  • EnableMachineImageVersionAutoUpdate - was in the contract with provisioner - not used/forgotten?

Provider specific fields (sent to provisioner):

  • Azure: VnetCidr,EnableNatGateway, IdleConnectionTimeoutMinutes)
  • AWS: VpcCidr, EnableIMDSv2
  • sap-converged-cloud: FloatingPoolName, CloudProfileName, LoadBalancerProvider

@jaroslaw-pieszka Please see my comments below

We agreed the following:

  • KIM will take over some functionalities related to infrastructure
  • Knowledge that is related to plans should stay in KEB, everything else can be moved to KIM

For more details on the components responsibilities please see this ADR document.

Answers:

  • spec.shoot.provider.workers.name you can use any string, Provisioner has hardcoded cpu-worker-0
  • LicenceType is not required ; when passed in the CR it will be used for setting infrastructuremanager.kyma-project.io/licence-type annotation ; basically it is equivalent to licenceType field in GraphQL
  • Networking.Filter.Egress.Enabled is a negation of Provisioner's ShootNetworkingFilterDisabled
  • KIM handles euAccess annotation (please see this code)
  • KIM handles ExposureClassName (please see this code)
  • Both EnableKubernetesVersionAutoUpdate and EnableMachineImageVersionAutoUpdate is handled by KIM (please see the code and configuration
  • KIM handles details of the Provider Specific Config (please see the code for aws, azure, gcp, openstack)

@jaroslaw-pieszka jaroslaw-pieszka changed the title KEB: MIgrate from provisioner to Kyma Infrastructure Manager KIM migration - KEB: MIgrate from provisioner to Kyma Infrastructure Manager Oct 8, 2024
@jaroslaw-pieszka jaroslaw-pieszka changed the title KIM migration - KEB: MIgrate from provisioner to Kyma Infrastructure Manager KIM migration - KEB: Migrate from provisioner to Kyma Infrastructure Manager Oct 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind/enhancement Categorizes issue or PR as related to modifying or improving an existing feature
Projects
None yet
Development

No branches or pull requests

4 participants