Bug 2023434: Add Purchase Plan Name to Azure Machine Provider Spec #1057
Conversation
patrickdillon
changed the title
|
/bugzilla refresh |
openshift-ci
bot
added
bugzilla/severity-urgent
|
@patrickdillon: This pull request references Bugzilla bug 2023434, which is invalid:
Comment In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/bugzilla refresh |
openshift-ci
bot
added
bugzilla/valid-bug
|
@patrickdillon: This pull request references Bugzilla bug 2023434, which is valid. The bug has been moved to the POST state. The bug has been updated to refer to the pull request using the external bug tracker. 3 validation(s) were run on this bug
Requesting review from QA contact: In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
@patrickdillon: An error was encountered querying GitHub for users with public email (zhsun@redhat.com) for bug 2023434 on the Bugzilla server at https://bugzilla.redhat.com. No known errors were detected, please see the full error message for details. Full error message.
non-200 OK status code: 403 Forbidden body: "{\n \"documentation_url\": \"https://docs.github.com/en/free-pro-team@latest/rest/overview/resources-in-the-rest-api#secondary-rate-limits\",\n \"message\": \"You have exceeded a secondary rate limit. Please wait a few minutes before you try again.\"\n}\n"
Please contact an administrator to resolve this issue, then request a bug refresh with In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
patrickdillon
force-pushed
the
azure-machine-spec
branch
from
5da375a
to
f64c426
Compare
|
Looks like |
|
/lgtm |
|
/cherry-pick release-4.9 |
|
@patrickdillon: once the present PR merges, I will cherry-pick it on top of release-4.9 in a new PR and assign it to you. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
For use case, see openshift/cluster-api-provider-azure#242 |
| // ThirdPartyImage indicates the image is published by a third party publisher and a Plan | ||
| // will be generated for it. | ||
| // +optional | ||
| ThirdPartyImage bool `json:"thirdPartyImage,omitempty"` |
There was a problem hiding this comment.
We avoid booleans in our API because they usually don't age well.
What would this be called if the value was ThirdParty? Is it an ImageAuthor? ImageSource? What is the alternative to third party?
There was a problem hiding this comment.
ImageSource would probably be closest. From kubernetes-sigs/cluster-api-provider-azure#928 they define it as:
Add ThirdPartyImage flag to Marketplace image to indicate an image published by a third party publisher.
We already have a field called Publisher so it is not good to call it ImagePublisher, etc
There was a problem hiding this comment.
If it not published by a third party, who is published by? microsoft, azure, redhat, someone else?
There was a problem hiding this comment.
If it's not published by a third party, it's published by Microsoft or one of its cohorts (Canonical/Ubuntu or in a case that is relevant to OpenShift Windows Container the publisher is WindowsServer).
I can't find in-depth documentation on this. These repo docs are consistent with my reading the code that the distinguishing factor is that "third-party images" need a purchase plan. The cluster api provider has a conditional statement if third-party marketplace image then generate purchase plan.
So for our particular use case, when the azure cluster-api provider(CAPZ) is provisioning a new RHCOS node using a marketplace image, the CAPZ needs to include a purchase plan parameter, but for a first-party Windows Container node, a purchase plan must not be included.
So we expect the CAPZ to use this API to produce results like this:
RHCOS image published by Red Hat
virtualMachine := &compute.VirtualMachine{
Plan: &compute.Plan{
Publisher: to.StringPtr(image.Publisher), // redhat-rhel
Name: to.StringPtr(image.SKU), // ocp-4
Product: to.StringPtr(image.Offer), // ocp-rhcos-worker
},
VirtualMachineProperties: &compute.VirtualMachineProperties{
StorageProfile: &compute.StorageProfile{
ImageReference: imageReference := &compute.ImageReference{
Publisher: to.StringPtr(vmSpec.Image.Publisher), // redhat-rhel
Offer: to.StringPtr(vmSpec.Image.Offer), // ocp-rhcos-worker
Sku: to.StringPtr(vmSpec.Image.SKU), // ocp-4
Version: to.StringPtr(vmSpec.Image.Version), // 4.9.7
},vs
Windows Server image
virtualMachine := &compute.VirtualMachine{
Plan: nil,
VirtualMachineProperties: &compute.VirtualMachineProperties{
StorageProfile: &compute.StorageProfile{
ImageReference: imageReference := &compute.ImageReference{
Publisher: to.StringPtr(vmSpec.Image.Publisher), // MicrosoftWindowsServer
Offer: to.StringPtr(vmSpec.Image.Offer), // WindowsServer
Sku: to.StringPtr(vmSpec.Image.SKU), // datacenter-core-20h2-with-containers-smalldisk
Version: to.StringPtr(vmSpec.Image.Version), // latest
},
| ThirdPartyImage bool `json:"thirdPartyImage,omitempty"` | ||
| // SharedGallery specifies an image to use from an Azure Shared Image Gallery | ||
| // +optional | ||
| SharedGallery *AzureSharedGalleryImage `json:"sharedGallery,omitempty"` |
There was a problem hiding this comment.
Is this related to the ThirdPartyImage? Are they specified together or just coincidental in this PR?
Is there a distinction between nil and empty? If there isn't, the configuration API (distinct from workload API) is more discoverable and less prone to error by not being a pointer.
There was a problem hiding this comment.
Is this related to the ThirdPartyImage? Are they specified together or just coincidental in this PR?
ThirdPartyImage is only related to Marketplace Images. There are three types of images in the upstream API. Our API has two images types (ID & marketplace) flattened together and this is adding the third as a separate struct. I'm open to other approaches, but I believe we would have to deprecate fields.
Based on our current use case there is no distinction between nil & empty, so I'm fine with removing the pointer.
| // will be generated for it. | ||
| // +optional | ||
| ThirdPartyImage bool `json:"thirdPartyImage,omitempty"` | ||
| // SharedGallery specifies an image to use from an Azure Shared Image Gallery |
There was a problem hiding this comment.
Why would I want to use this? What image is it overriding if present?
There was a problem hiding this comment.
If you use this, you are specifying you are using an image from a Shared Gallery (rather than the Marketplace or by specifying an image ID, which is our current approach for installs).
If you are using a Shared Gallery image, publisher, sku, & offer from the parent struct will be used to populate a required purchase plan. The fields from this struct would be used to create a ref to the image.
| @@ -211,6 +218,18 @@ type SecurityProfile struct { | |||
| EncryptionAtHost *bool `json:"encryptionAtHost,omitempty"` | |||
| } | |||
|
|
|||
| // AzureSharedGalleryImage defines an image in a Shared Image Gallery to use for VM creation. | |||
| type AzureSharedGalleryImage struct { | |||
There was a problem hiding this comment.
inside this type, is empty string a valid value that is distinct from "no opinion"?
There was a problem hiding this comment.
empty string would only be valid if all the fields were empty. If AzureSharedGallery images are to be used, all fields are required.
| @@ -211,6 +218,18 @@ type SecurityProfile struct { | |||
| EncryptionAtHost *bool `json:"encryptionAtHost,omitempty"` | |||
| } | |||
|
|
|||
| // AzureSharedGalleryImage defines an image in a Shared Image Gallery to use for VM creation. | |||
| type AzureSharedGalleryImage struct { | |||
| // SubscriptionID is the identifier of the subscription that contains the shared image gallery | |||
There was a problem hiding this comment.
thoughout, links to the azure concepts would be helpful.
|
/hold We don't need to support shared image galleries, so I can remove that and greatly simplify this API bump. Just need to figure out name/type for the current bool |
openshift-ci
bot
added
the
do-not-merge/hold
patrickdillon
force-pushed
the
azure-machine-spec
branch
from
f64c426
to
dadedc5
Compare
|
@patrickdillon: This pull request references Bugzilla bug 2023434, which is valid. 3 validation(s) were run on this bug
Requesting review from QA contact: In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
patrickdillon
changed the title
|
This seems ok to me, though while this is convertible to the upstream API should we need to for future projects (eg. @deads2k The change to make this not a bool doesn't really seem to add value to me, since we are saying the value should match the SKU (we are effectively treating it as a bool, rather than an enum). The only way I can see this being advantageous is if, somewhere down the line, the purchase plan name doesn't match the SKU. |
I agree with Joel. I think the boolean for |
patrickdillon
force-pushed
the
azure-machine-spec
branch
2 times, most recently
from
be881cf
to
404f366
Compare
|
/hold cancel |
openshift-ci
bot
removed
the
do-not-merge/hold
patrickdillon
force-pushed
the
azure-machine-spec
branch
from
404f366
to
43b6214
Compare
| // For more information about purchase plans, see: | ||
| // https://docs.microsoft.com/en-us/azure/virtual-machines/linux/cli-ps-findimage#check-the-purchase-plan-information | ||
| // +optional | ||
| Type string `json:"type,omitempty"` |
There was a problem hiding this comment.
I think this works from a description point of view, I would be tempted to add the valid values as constants and make this a typed string, this should then give us constsants to use during the implementation which should make things cleaner
type AzureImageType string
const (
AzureImageTypeID AzureImageType = "ID"
AzureImageTypeMarketplaceNoPlan AzureImageType = "MarketPlaceNoPlan"
AzureImageTypeMarketplaceWithPlan AzureImageType = "MarketPlaceWithPlan"
)
WDYT?
patrickdillon
force-pushed
the
azure-machine-spec
branch
from
43b6214
to
0dd4457
Compare
With Azure marketplace images, some images require that the subscription accept the terms of a purchase plan before using; and that purchase plan information must be included in Azure API calls when provisioning a VM. Images that do not require purchase plans must not submit purchase plan info. This adds an image type to distinguish between Marketplace images with or without purchase plans. It could be used in the future to support images from galleries.
patrickdillon
force-pushed
the
azure-machine-spec
branch
from
0dd4457
to
62d90f1
Compare
|
/approve |
openshift-ci
bot
added
the
approved
|
@patrickdillon: All pull requests linked via external trackers have merged: Bugzilla bug 2023434 has been moved to the MODIFIED state. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: deads2k, JoelSpeed, patrickdillon The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
@patrickdillon: #1057 failed to apply on top of branch "release-4.9": In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Edited: The original PR added support for both Marketplace and Shared Image Gallery images. I have decreased the scope to only Marketplace images, which means we just need a flag as to when to populate the purchase plan. To avoid a boolean, I have added a
stringfieldPurchasePlanNamewhich when present should have the same value as theSKU, and would indicate we should create a plan. Using a string avoids using a boolean, and allows us space if there is ever drift in the Microsoft API where purchase plan name != SKU.Upstream types: https://github.com/kubernetes-sigs/cluster-api-provider-azure/blob/d2b4e8ed2313adc270a0911d9d0c64e344f34cc4/api/v1beta1/types.go#L316-L398
The OpenShift cluster-api-provider-azure will need to implement logic based off the upstream (I will open a PR soon): https://github.com/kubernetes-sigs/cluster-api-provider-azure/blob/d2b4e8ed2313adc270a0911d9d0c64e344f34cc4/azure/services/virtualmachines/virtualmachines.go#L259-L287