A new generic way of informing rsync that there are additional resources/actions that need to be taken care of, outside of the typical top-level K8s resources.
Note: This is not proposing a new type of resources (outside of the current K8s resources) but rather a level deeper into K8s resources.
This particular way is generic in the sense that K8s resources may have subresources which are updatable. And for any of them, the solution below would apply.
One example is approval, which is a K8s subresource of CertificateSigningRequest.
The early idea about how to go about telling rsync what to do with subresources is the following (example for DCM's CSR approval sequence specifically):
- We already push a resource in etcd in order to create a CSR:
/context/7211642839602631922/app/logical-cloud/cluster/myclusterprovider+cluster-101/resource/lc1+CertificateSigningRequest
- Let us introduce an optional
/subresourceshandle for resources, such as:
/context/7211642839602631922/app/logical-cloud/cluster/myclusterprovider+cluster-101/resource/lc1+CertificateSigningRequest/subresources
- Inside, specify each of the subresources intended, for example
/approval
/context/7211642839602631922/app/logical-cloud/cluster/myclusterprovider+cluster-101/resource/lc1+CertificateSigningRequest/subresources/approval
- Modify rsync's pipeline to process every subresource found in each resource and execute operate on such subresource according to the body of instructions of the subresource value as presented by etcd (json). Example for approval subresource:
{"operation: "update""lastUpdateTime":"2020-08-28T02:33:50Z","message":"Approved for DCM","reason":"ApprovedForDCM","type":"Approved"}
- Regarding the above, rsync should introduce a few new Go interfaces to consistently deal with subresources. One top-level interface to specify common subresource parameters, such as operation and lower-level interfaces to specify what additionally goes into each type of subresource, such as
lastUpdateTime,message,reasonandtypefor approval.
- This is sufficient in dealing with the CSR approval request part of the workflow and may be useful for other similar non-apply K8s instructions in the future. Without major code changes.
Some official words about K8s subresources here: https://kubernetes.io/docs/reference/using-api/api-concepts/, such as:
“Some resource types will have one or more sub-resources, represented as sub paths below the resource:
Cluster-scoped subresource: GET /apis/GROUP/VERSION/RESOURCETYPE/NAME/SUBRESOURCE
Namespace-scoped subresource: GET /apis/GROUP/VERSION/namespaces/NAMESPACE/RESOURCETYPE/NAME/SUBRESOURCE”
The latest WIP patch for DCM already implements the DCM-side of the above bulletpoints: https://gerrit.onap.org/r/c/multicloud/k8s/+/110641.