Env var sources / downward API #6739
Conversation
|
Thanks for your pull request. It looks like this may be your first contribution to a Google open source project, in which case you'll need to sign a Contributor License Agreement (CLA). 📝 Please visit https://cla.developers.google.com/ to sign. Once you've signed, please reply here (e.g.
|
|
@bgrant0607 @smarterclayton @erictune @thockin @derekwaynecarr @mfojtik PTAL. Preliminary WIP for comment. I don't think there's any controversy about the concepts here, based on the last community hangout. Looking for feedback on the factorings. |
| switch { | ||
| case envVar.ObjectInfo != nil: | ||
| objInfo := envVar.ObjectInfo | ||
| internalFieldPath, _, err := api.Scheme.ConvertFieldLabel(objInfo.APIVersion, "Pod", objInfo.FieldPath, "") |
There was a problem hiding this comment.
add the TODO: use Kind from ObjectInfo so it doesn't confuse people looking at this.
|
Taking this a little further today in terms of factoring within the kubelet. If anyone would like info added to the skeletal API, speak out. I'll making the versioned API changes once people have a chance to chime in here. |
|
@sdminonne fyi |
|
@pmorie thanks |
|
@pmorie - my first impression is that I am good with this approach. my initial reaction was unsure if i liked the metadata.* syntax, but I have no other good alternative in mind so that lgtm. |
|
Is there any reason to place security restrictions on the host source? Is it okay that any user can access host information via this mechanism? Right now it's limited to hostname, but I assume the set of fields will increase over time. |
| @@ -164,6 +164,20 @@ func TestEncode_Ptr(t *testing.T) { | |||
| Spec: api.PodSpec{ | |||
| RestartPolicy: api.RestartPolicyAlways, | |||
| DNSPolicy: api.DNSClusterFirst, | |||
| Containers: []api.Container{ | |||
There was a problem hiding this comment.
Debugging cruft; will remove
|
@bgrant0607 This is shaping up; what supplemental stuff does it need to go in with? I can think of:
@smarterclayton @thockin @derekwaynecarr any opinions on the above? |
| @@ -509,6 +509,33 @@ type EnvVar struct { | |||
| Name string `json:"name" description:"name of the environment variable; must be a C_IDENTIFIER"` | |||
| // Optional: defaults to "". | |||
| Value string `json:"value,omitempty" description:"value of the environment variable; defaults to empty string"` | |||
| // Optional: specify a source for the value of the EnvVar. | |||
| *EnvVarSource `json:"source,omitempty" description:"source for the environment variable's value; cannot be used if value is set"` | |||
There was a problem hiding this comment.
A pointer to an embedded struct is confusing. It needs to not be embedded, which would make sense because the json isn't embedded.
There was a problem hiding this comment.
Re. the description: We can't tell whether value is "set", only whether it is empty.
There was a problem hiding this comment.
@bgrant0607 Are you suggesting instead:
// EnvVar represents an environment variable present in a Container.
type EnvVar struct {
// Required: This must be a C_IDENTIFIER.
Name string `json:"name" description:"name of the environment variable; must be a C_IDENTIFIER"`
// Optional: defaults to "".
Value string `json:"value,omitempty" description:"value of the environment variable; defaults to empty string"`
// Optional; ObjectInfo represents a downward API request for a field of the object.
//
// Valid fields of this reference are:
//
// 1. APIVersion
// 2. FieldPath
//
// No other fields may be specified.
//
// Currently ObjectInfo may be used to address the Name and Namespace
// only.
ObjectInfo *ObjectReference `json:"objectInfo,omitempty" description:"describes a field of the pod to use the value of; only APIVersion and FieldPath are accepted fields"`
// Optional; HostInfo represents a downward API request for information about
// the host.
HostInfo *HostInfoSource `json:"hostInfo,omitempty" description:"describes information about the host to use"`
}There was a problem hiding this comment.
@bgrant0607 @smarterclayton I would be okay with having ObjectInfo become a field of EnvVar -- it would simplify the API greatly.
There was a problem hiding this comment.
If we think there may be multiple sources in the future, then I prefer the extra level of nesting. I was objecting to the specific combination of a pointer to an anonymous Go struct. Name the field Source.
There was a problem hiding this comment.
Perhaps we should call it fieldValue, though, rather than objectInfo, to strengthen the association with value.
There was a problem hiding this comment.
What do we want the JSON to look like?
{
"name": "myvar",
"source": { "objectInfo": { "fieldPath": ".metadata.name" } }
}
or
{
"name": "myvar",
"objectInfo": { "fieldPath": ".metadata.name" }
}
or
{
"name": "myvar",
"value": { "objectInfo": {"fieldPath": ".metadata.name" }}
}
If I parse this correctly it's #2 that we are getting, yes?
There was a problem hiding this comment.
What about calling the sources something like "FromPod" or "ValueFromPod" ?
There was a problem hiding this comment.
@thockin Either of those names is more descriptive -- unless we feel like we want open-ended info about objects, which I don't think we do.
|
Gonna go with this factoring in my next pass unless someone speaks soon: // EnvVar represents an environment variable present in a Container.
type EnvVar struct {
// Required: This must be a C_IDENTIFIER.
Name string `json:"name" description:"name of the environment variable; must be a C_IDENTIFIER"`
// Optional: defaults to "".
Value string `json:"value,omitempty" description:"value of the environment variable; defaults to empty string"`
// Optional; ObjectInfo represents a downward API request for a field of the object.
//
// Valid fields of this reference are:
//
// 1. APIVersion
// 2. FieldPath
//
// No other fields may be specified.
//
// Currently ObjectInfo may be used to address the Name and Namespace
// only.
ObjectInfo *ObjectReference `json:"objectInfo,omitempty" description:"describes a field of the pod to use the value of; only APIVersion and FieldPath are accepted fields"`
}Scratching |
| // 1. APIVersion | ||
| // 2. FieldPath | ||
| // | ||
| // No other fields may be specified. |
There was a problem hiding this comment.
This feels like an abuse of an existing type. Why not just define your own type?
|
@bgrant0607 All comments should be fixed now |
|
So now that this awesome feature is almost done... how do I choose my own names for environment variables for services? |
|
@smarterclayton We can implement a new env var source for that info |
|
Is it a different source? Seems like it's the spec.portalIP and spec.port[0] field of a service with a given name and namespace. |
Wouldn't it just be the name, since we don't support cross-ns services? |
|
It could be eventually. But yes, for now, just name. ----- Original Message -----
|
|
@smarterclayton That sounds to me like: type EnvVarSource struct {
FieldPath *ObjectFieldSelector
ServiceFieldPath *NamedObjectFieldSelector
}
type NamedObjectFieldSelector {
ObjectFieldSelector
Name string
} |
|
Kicked shippable |
|
And then we say... why do we have ServiceFieldPath and FieldPath together? ----- Original Message -----
|
|
@smarterclayton this would definitely lurch us in the direction of |
|
Yes. I'm not proposing any changes for this pull (since the types are the same) but I realized we got really focused on pod name/namespace. The follow-on will need to deal with the implications. ----- Original Message -----
|
|
@smarterclayton Agree, I will make a new issue for service downward API |
|
Services wanders into a whole different discussion - the pre-declaring Service have multiple ports - do I have to call out each one I want? How On Mon, Apr 27, 2015 at 9:20 AM, Paul Morie notifications@github.com
|
|
@thockin I am looking at the downward API for service envs as orthogonal to pre-declaring service dependencies. I think dependencies will take pre-start hooks and should be separate in the API from how the vars are constructed. |
|
Exactly. But exposing services via this mechanism is strictly better in my opinion than making up a bunch of env vars (making up one env var I can get behind, just not 100 different variants). ----- Original Message -----
|
|
Ugh. Rebasing |
|
Rebased |
|
Local e2e run looks good. |
|
@bgrant0607 Does this need anything else? |
| @@ -166,6 +166,11 @@ func init() { | |||
| obj.ExternalID = obj.ID | |||
| } | |||
| }, | |||
| func(obj *ObjectFieldSelector) { | |||
There was a problem hiding this comment.
Did you confirm that this isn't called when the pointer is nil?
|
The ObjectFieldSelector field descriptions didn't get changed as I asked, but my review latency is very high right now, so I'm not going to block on that. LGTM. |
Env var sources / downward API
|
@bgrant0607 Dang, I thought I had absolutely everything. I will fix them in a follow-up. |
As discussed in #6000 and #2316, relevant also to #386.