Add V1beta1 VolumeAttachment API #58462
Conversation
k8s-ci-robot
added
do-not-merge/work-in-progress
k8s-github-robot
added
the
kind/api-change
NickrenREN
force-pushed
the
va-to-beta
branch
from
d66f001 to
3b82e22
Compare
k8s-github-robot
removed
the
kind/api-change
NickrenREN
force-pushed
the
va-to-beta
branch
4 times, most recently
from
989985a to
38a214b
Compare
NickrenREN
changed the title
k8s-ci-robot
removed
the
do-not-merge/work-in-progress
|
/assign @saad-ali @jsafrane @caesarxuchao |
|
Finally..... All checks turn green. |
NickrenREN
force-pushed
the
va-to-beta
branch
from
38a214b to
fc88fe5
Compare
|
/retest |
pkg/features/kube_features.go
Outdated
| @@ -255,7 +255,7 @@ var defaultKubernetesFeatureGates = map[utilfeature.Feature]utilfeature.FeatureS | |||
| ServiceNodeExclusion: {Default: false, PreRelease: utilfeature.Alpha}, | |||
| MountContainers: {Default: false, PreRelease: utilfeature.Alpha}, | |||
| VolumeScheduling: {Default: false, PreRelease: utilfeature.Alpha}, | |||
| CSIPersistentVolume: {Default: false, PreRelease: utilfeature.Alpha}, | |||
| CSIPersistentVolume: {Default: false, PreRelease: utilfeature.Beta}, | |||
There was a problem hiding this comment.
Let's turn it on by default, now that it is alpha.
There was a problem hiding this comment.
Right, beta not alpha, brain fart.
| @@ -82,7 +82,7 @@ func (config AuthorizationConfig) New() (authorizer.Authorizer, authorizer.RuleR | |||
| graph, | |||
| config.InformerFactory.Core().InternalVersion().Pods(), | |||
| config.InformerFactory.Core().InternalVersion().PersistentVolumes(), | |||
| config.VersionedInformerFactory.Storage().V1alpha1().VolumeAttachments(), | |||
| config.VersionedInformerFactory.Storage().V1beta1().VolumeAttachments(), | |||
There was a problem hiding this comment.
NodeAuthorizer should handle BOTH V1alpha1().VolumeAttachments and V1beta1().VolumeAttachments not just one or the other.
There was a problem hiding this comment.
Since we can get both versions VolumeAttachment objects by V1beta1 or V1alpha1 API, so any API version here will do ? Not sure. cc @liggitt
There was a problem hiding this comment.
NodeAuthorizer should handle BOTH V1alpha1().VolumeAttachments and V1beta1().VolumeAttachments not just one or the other.
No, it will only watch one to populate the authorizer graph (it uses the info to authorize requests for either version). The authorizer runs in process in the apiserver, so it is never version skewed. I'd expect it to watch v1beta1
There was a problem hiding this comment.
Thanks for the clarification, disregard this comment @NickrenREN.
| @@ -574,7 +574,7 @@ func BuildStorageFactory(s *options.ServerRunOptions) (*serverstorage.DefaultSto | |||
| // FIXME (soltysh): this GroupVersionResource override should be configurable | |||
| []schema.GroupVersionResource{ | |||
| batch.Resource("cronjobs").WithVersion("v1beta1"), | |||
| storage.Resource("volumeattachments").WithVersion("v1alpha1"), | |||
| storage.Resource("volumeattachments").WithVersion("v1beta1"), | |||
There was a problem hiding this comment.
What happens if we leave this v1alpha1? If we add new things to v1alpha1 but not to the v1beta1 will this handle it correctly?
There was a problem hiding this comment.
There could only be one storage version. You have to keep the v1alpha1 and v1beta1 roundtrippable. It's an api requirement in the api conventions doc.
If you want to test new things in alpha, you can create a new struct and specify here to store it as v1alpha1.
There was a problem hiding this comment.
If you store in v1alpha1, you have the option to downgrade and have VolumeAttachments keep working in alpha form, but you have alpha data in etcd, which means you cannot drop the alpha types until storage migration is solved.
If you store in beta, you are better positioned to drop alpha types sooner (since the only people who would have alpha data were people who upgraded from 1.9 with the alpha flag enabled)
There was a problem hiding this comment.
I'd probably expect to store in v1beta1
There was a problem hiding this comment.
Ok. I'm slightly concerned that doing so will require us to add new features to both v1beta1 but v1alpha1, but, we'll leave storage as v1beta1.
NickrenREN
force-pushed
the
va-to-beta
branch
from
fc88fe5 to
644a9db
Compare
test/integration/auth/node_test.go
Outdated
| @@ -107,7 +107,7 @@ func TestNodeAuthorizer(t *testing.T) { | |||
| masterConfig.GenericConfig.AdmissionControl = nodeRestrictionAdmission | |||
|
|
|||
| // enable testing volume attachments | |||
| masterConfig.ExtraConfig.APIResourceConfigSource.(*serverstorage.ResourceConfig).EnableVersions(storagev1alpha1.SchemeGroupVersion) | |||
| masterConfig.ExtraConfig.APIResourceConfigSource.(*serverstorage.ResourceConfig).EnableVersions(storagev1beta1.SchemeGroupVersion) | |||
There was a problem hiding this comment.
Should be able to remove this line if the beta version is enabled by default
| @@ -294,13 +294,21 @@ var etcdStorageData = map[schema.GroupVersionResource]struct { | |||
| }, | |||
| // -- | |||
|
|
|||
| // k8s.io/kubernetes/pkg/apis/storage/v1alpha1 | |||
There was a problem hiding this comment.
For minimal diff, keep alpha first and add beta below?
NickrenREN
force-pushed
the
va-to-beta
branch
from
644a9db to
f45ca86
Compare
|
/lgtm /assign @liggitt for API approval |
|
@saad-ali: GitHub didn't allow me to assign the following users: API, approval, for. Note that only kubernetes members and repo collaborators can be assigned. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
the
lgtm
NickrenREN
force-pushed
the
va-to-beta
branch
from
76032ee to
9f44ed4
Compare
k8s-github-robot
removed
the
lgtm
|
just rebase. @saad-ali |
NickrenREN
force-pushed
the
va-to-beta
branch
from
9f44ed4 to
84baa6a
Compare
NickrenREN
force-pushed
the
va-to-beta
branch
from
84baa6a to
d7ffadd
Compare
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
@NickrenREN: GitHub didn't allow me to request PR reviews from the following users: brendanburns. Note that only kubernetes members and repo collaborators can review this PR, and authors cannot review their own PRs. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/cc @brendandburns |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: brendandburns, NickrenREN, saad-ali The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
k8s-ci-robot
added
the
approved
|
/test all [submit-queue is verifying that this PR is safe to merge] |
|
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions here. |
What this PR does / why we need it:
Add V1beta1 VolumeAttachment API, co-existing with Alpha API object
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):Fixes #58461
Special notes for your reviewer:
Release note: