Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Port mariadb-operator #357

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Port mariadb-operator #357

wants to merge 3 commits into from

Conversation

ziyue-pan
Copy link
Contributor

  • Port mariadb-operator, adding the following files:
    • config.json
    • manifests.min.yaml
    • mariadb-secret.yaml
    • mariadb-yaml (seed CR)
    • context.json
  • Update default k8s version to 1.29.2
  • Change the namespace config in acto/constant.py to default (need help)

@tylergu
Copy link
Member

tylergu commented Mar 15, 2024

@PAN-Ziyue Is this PR ready for review?

@ziyue-pan
Copy link
Contributor Author

@PAN-Ziyue Is this PR ready for review?

Sorry for my late response.

This PR is ready for review, but I have several concerns to discuss with you.

Can only deploy mariadb-operator in default namespace

During manully deploying mariadb-operator, I found that mariadb-operator can only run in the default namespace.
Or it will warn an rbac error like:

User "system:serviceaccount:acto-namespace:mariadb-operator-cert-controller-cert-controller" cannot list resource "mutatingwebhookconfigurations" in API group "admissionregistration.k8s.io" at the cluster scope

To fix this problem, I tried to set "namespace": "default" option in config.json.
The option takes effect during deploying the CRs.
However the namespace fell back to acto-namespace when analyzing the seed custom resouce.

I am not sure whether it is an intended behavior.
I fix it with an adhoc solution to set CONST.ACTO_NAMESPACE="default".

Segfault when running the SSA tool

During porting, the SSA tool panics. That's the reason why I cannot run acto in white-box mode.

I tested 2 cases: mariadb-operator and the existing redis-ot-container-kit-operator.
Each of them crashed at different places.
However I cannot catch the root cause in a short time.
Maybe the SSA tool can be further examined.

@ziyue-pan ziyue-pan marked this pull request as ready for review March 18, 2024 06:01
@tylergu
Copy link
Member

tylergu commented Mar 22, 2024

I see, the operator deployment YAML files probably need some changes to support arbitrary namespace.

One of the dependencies of the SSA library is deprecated, so it is currently not usable.

@ziyue-pan
Copy link
Contributor Author

I see, the operator deployment YAML files probably need some changes to support arbitrary namespace.

Could you suggest which manifest fields need reviewing or modification?

@tylergu
Copy link
Member

tylergu commented Mar 22, 2024

I assume that you generated the YAML files using HELM chart? When you generate the helm chart, you should be able to specify a flag for namespace (--create-namespace and -n). If you did not specify the flag, default namespace is used.

@ziyue-pan
Copy link
Contributor Author

Thanks for your time and response.

Sorry I did not generate the YAML files using HELM chart. But I did export the YAML files from mariadb-operator's helm chart release directly.

I plan to review the issue using helm chart w/ flags as you suggested. But I may not be available these days. I apologize for my delayed response in advance.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ziyue-pan @tylergu