✨ Add support for a chunked release storage driver #350
Conversation
openshift-ci
bot
added
the
do-not-merge/work-in-progress
joelanford
force-pushed
the
chunked-release-secret-driver
branch
from
eeef665 to
3fdf9f9
Compare
|
Hi @joelanford some questions:
|
Yes, and that is desirable because:
Yes, the newer ones are already implemented in this PR, and the deprecation comments on the exported functions tell users what to switch to. Technically, because helm-operator-plugins is pre-1.0, we could remove instead of deprecate, but I figure we can let them stay for at least a few more releases.
Base32 is just to encode a hash for the chunk with a string that is short enough and also valid for a
The storage driver is setup in the helm library's |
joelanford
force-pushed
the
chunked-release-secret-driver
branch
from
3fdf9f9 to
637a156
Compare
joelanford
force-pushed
the
chunked-release-secret-driver
branch
from
637a156 to
fb76722
Compare
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #350 +/- ##
===========================================
- Coverage 85.06% 51.85% -33.22%
===========================================
Files 19 65 +46
Lines 1346 3238 +1892
===========================================
+ Hits 1145 1679 +534
- Misses 125 1456 +1331
- Partials 76 103 +27 ☔ View full report in Codecov by Sentry. |
openshift-ci
bot
removed
the
do-not-merge/work-in-progress
joelanford
force-pushed
the
chunked-release-secret-driver
branch
from
fb76722 to
6c3032e
Compare
|
This is cool to see a custom helm storage driver! I do have a more fundamental question - Is chunking/partitioning across multiple secrets a scalable approach? I don't necessarily think it needs to be optimized immediately, but considering this is likely going to be used by OLMv1, do we know:
While I do like the concept, I'm not confident that a "chunked" secrets driver is going to be the best approach here just out of scalability and API server load concerns. Additionally, this would require OLMv1 as a user of this API to have access to secrets (which isn't any worse than it is now), is this something we are OK with? Could a potential alternative to utilizing secrets be some other in-memory or file-based storage mechanism? Maybe something like https://github.com/dgraph-io/badger or BoltDB are some good embeddable key-value store options? EDIT: For clarification, if data shows that the concerns I expressed in this comment are not realistically a concern then I am happy to look at this PR again with a new frame on the changes |
I think it can be. We could impose a maximum number of chunks to prevent unchecked release size. We could also use a controller-runtime cache to read secrets instead of the default live client.
Anecdotally, I tried reproducing operator-framework/operator-controller#923, and it only created one secret because this storage driver doesn't do an extra/unnecessary base64-encode (that the helm secrets driver does). I'm speculating, but I would guess this driver would create 1 secret on average from the community catalog, so no more than are already created.
It would only be increased for the releases that require chunking. One thing we could do relatively easily in the future is implement a
I think I've seen metrics of ~10 on average.
This is actually part of the intent of this PR. OLM should be the thing that has access to secrets. We already have the ability to store all of these secrets in OLMv1's system namespace. This PR will also make it possible to use to use a different service account to manage the release secrets. We would give OLMv1's service account read/write access to secrets just in its namespace AND we would not require users to provide service accounts with r/w permissions, which is good because that would leak an implementation detail that users should not be concerned by.
This release data needs to persist beyond the lifetime of an individual operator-controller pod. As we've discovered in other areas, the only reliably available persistence mechanism is Kubernetes API + etcd. |
joelanford
force-pushed
the
chunked-release-secret-driver
branch
4 times, most recently
from
41f17ea to
07de0c3
Compare
This commit adds a custom helm release storage driver that overcomes limitations in the size of a single value that can be stored in etcd. In order to remain backward-compatible and also make this storage driver available, this commit also refactors the ActionConfigGetter options so that a custom function can be provided to the ActionConfigGetter that can create the desired storage driver. This commit also separates the rest config mapping into two separate options. One for interactions with the storage backend, and the other for managing release content. Signed-off-by: Joe Lanford <[email protected]>
joelanford
force-pushed
the
chunked-release-secret-driver
branch
from
07de0c3 to
14906f8
Compare
| labels["status"] = rls.Info.Status.String() | ||
| labels["version"] = strconv.Itoa(rls.Version) | ||
| labels["key"] = key | ||
| labels["type"] = "index" |
There was a problem hiding this comment.
Should this be a constant?
| labels := map[string]string{} | ||
| labels["owner"] = owner | ||
| labels["key"] = key | ||
| labels["type"] = "chunk" |
There was a problem hiding this comment.
Should this be a constant?
This commit adds a custom helm release storage driver that overcomes limitations in the size of a single value that can be stored in etcd.
In order to remain backward-compatible and also make this storage driver available, this commit also refactors the ActionConfigGetter options so that a custom function can be provided to the ActionConfigGetter that can create the desired storage driver.
This commit also separates the rest config mapping into two separate options. One for interactions with the storage backend, and the other for managing release content.