Comments (9)
Looks config map would be a good fit for passing these config options like proposal done for issue #57, we could reuse the same config map with adding config.json as below:
apiVersion: v1
data:
network-resource-injector-environment-variable: '{"spec":{"containers":[{"image":"docker.io/nfvpe/sriov-device-plugin","env":[{"name":"APP_ROLE","value":"client"}],"name":"application"}]}}'
config.json: |
{
"webhookconfig": {
"injectHugepageDownApi": true,
"networkResourceNameKeys": ["k8s.v1.cni.cncf.io/resourceName", "k8s.v1.cni.cncf.io/bridgeName"],
"honorResources": false
}
}
kind: ConfigMap
metadata:
name: network-resource-injector-customized-injection-config
namespace: network-resource-injector-namespace
and mount config.json as config-volume inside the NRI pod, load it into a struct and configure the webhook accordingly.
from network-resources-injector.
I read previous comments and tried to create final ConfigMap that would have section for control of features state and in addition possibility to define additional properties for features. Please find it below.
Within this issue, I'm not going to change implementation of for instance custom injections. I will focus only on ConfigMap handling and dynamic features toggle. It means that user will be able to enable / disable features on the fly.
This change also should take care of restoring default state of feature when ConfigMap will be removed. It means that the state before ConfigMap should be restored for instance defined by CLI flags.
apiVersion: v1
kind: ConfigMap
metadata:
name: nri-feature-control-map-1
namespace: kube-system
data:
# JSON at the beginning defines features with the status. The later sections may define additional arguments to each feature.
# For instance resource key names, or custom injections which right now are stored in separate configMap
config.json: |
{
"features": {
"enableHugePageDownApi": false
"enableHonorExistingResources": false
"enableCustomizedInjection": false
"enableResourceName": false
},
"networkResourceNameKeys": ["k8s.v1.cni.cncf.io/resourceName", "k8s.v1.cni.cncf.io/bridgeName"],
"customInjection": {
network-resource-injector-pod-annotation: '{"op": "add", "path": "/metadata/annotations", "value": {"k8s.v1.cni.cncf.io/networks": "sriov-net-attach-def"} }'
}
}
from network-resources-injector.
I think the issue has two aspects, one is to pass config to NRI, the other is to have structured config for various features.
For passing config to NRI, as @pperiyasamy mentioned, we could use configMap, or environment variable or a regular config file (mounted via volume) or cli cmd options. configMap and regular config file have advantage that features can be toggled on the fly when NRI is running, while environment variable and cli cmd can only be configured when NRI starts. If all of them are to be supported, there needs to be an order of preference.
For stuctured config data, as feature grows, we probably can define sections to organize the configurations, just like ini file, which may contain multiple sections, with each section contains key:value pair. For example:
[default]
enableCustomizedInjection = false
[resource]
injectResourceName = true
honorExistingResources = true
resourceNameKeys = ["key 1", "key 2"]
[volume] or [downward]
injectHugepageDownApi = true
injectNetInfo = true
[customInjection]
network-resource-injector-pod-annotation = '{"op": "add", "path": "/metadata/annotations", "value": {"k8s.v1.cni.cncf.io/networks": "sriov-net-attach-def"} }'
Section name can be different, depending on whether we want to separate them or have single section.
from network-resources-injector.
Proposed Order of Precedence of NRI at start time:
- CLI flags
- Env vars
- ConfigMap
- Defaults
During run time, configMap updates would override.
I like the sections - Clearer for the user to determine what each key-value is related to.
from network-resources-injector.
@zshi-redhat Are you ok with the order of precedence above?
from network-resources-injector.
@zshi-redhat Are you ok with the order of precedence above?
@martinkennelly the order looks good to me.
from network-resources-injector.
I'm going to work on this issue. Please comment if someone have something against it.
from network-resources-injector.
Can you explain me why definition of key, pairs for customInjections are within proposed proposed config map data section #61 (comment) ? I would expect that config map in that case have only control switch to enable or disable custom injections or any other feature of NRI. While for instance the user defined injections are stored in another config map - nri-user-defined-injections like it is done now.
from network-resources-injector.
Can you explain me why definition of key, pairs for customInjections are within proposed proposed config map data section #61 (comment) ? I would expect that config map in that case have only control switch to enable or disable custom injections or any other feature of NRI. While for instance the user defined injections are stored in another config map - nri-user-defined-injections like it is done now.
Good question!
While writing that comment, I was thinking putting all the supported configuration in the single configMap. but when I implemented the user-defined-injections, this feature control configMap didn't exist, so I used the separate configMap(nri-user-defined-injections).
For the feature control configmap, I think we can start by adding only enable/disable key/value pairs. then consider if it's needed to move user-defined-injection to this feature control configMap.
from network-resources-injector.
Related Issues (20)
- resource not injected in a large K8s cluster HOT 7
- Certificates v1beta1 will no longer be support on k8s release 1.22 HOT 4
- Add stable tag for network resource injector container
- Release network-resources-injector v1.3 HOT 5
- Create a Deployment yaml for network-resource-injector
- Add Helm Chart
- NRI pod restart not handled HOT 3
- Health check for webhook server
- Release of Network resources injector HOT 3
- Too wide permissions given to service accounts
- CI lane is not able to finish the kind deployment HOT 2
- Help understanding webhook client certificates
- New release ? HOT 4
- 'User defined injections' feature does not react on ConfigMap remove HOT 1
- 'User defined injections' feature removes defined network annotations HOT 2
- create new release HOT 4
- User Defined Injections - does not take into account json path operation HOT 2
- User Defined Injections - injects only one property
- Can Network-Resources-Injector(NRI) to be deployed as a deployment HOT 2
- Resources limit and requests are added only to first container inside POD HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from network-resources-injector.