-
Notifications
You must be signed in to change notification settings - Fork 103
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Re-using a GCP CloudSQLInstance #157
Comments
Another interesting use case - 2 apps want to connect to the same database. Currently they have to be in the same namespace in order to share a secret? Is that the only way that pattern will work? |
I've tried to reproduce this but failed. I used the following YAML and it created the secret referred in apiVersion: database.gcp.crossplane.io/v1beta1
kind: CloudSQLInstance
metadata:
name: mycloudsql
spec:
forProvider:
databaseVersion: MYSQL_5_6
region: us-west2
settings:
dataDiskSizeGb: 10
dataDiskType: PD_SSD
ipConfiguration:
ipv4Enabled: true
tier: db-n1-standard-1
providerRef:
name: gcp-provider
reclaimPolicy: Delete
writeConnectionSecretToRef:
name: conn-secret-name
namespace: default
I believe this is a valid concern. I've opened crossplane/crossplane#1229 for a different thing but it'd solve your use-case, too. It'd be great if you could upvote/leave comment on that issue for prioritization. Meanwhile, you can work around and achieve this. For example, you can create
I've opened crossplane/crossplane-runtime#88 a while ago to address this use-case. It'd be great to have your input on that issue, too. |
@dsyer Currently, yes, that's the consumption model. The k8s secret has to live in the same namespace as the app. You should either deploy the app to the namespace where your claim lives or to the namespace where you specify your secret ref in For |
I believe I probably already did, up to a point. Your config has |
I simply created this resource in a fresh cluster and looked at the content of the secret with Since I created this manually and don't need a claim, |
That’s not an “existing resource” then is it? It was created by crossplane. And IIRC it does matter what the reclaim policy is, because if it’s Delete then the instance is deleted when you delete the |
@dsyer Just checked the codebase again and you're right. I thought we changed the how
I remember discussing making the first bullet above default but it looks like we didn't. However, do note that you cannot fetch the password if you import an existing CloudSQL resource in GCP into your cluster as What you could possibly do is to inject the password string into the secret referred in |
I guess I could. I would have to script it on the client side (using kubectl or similar) and it would be fragile and non-declarative. The whole point of this issue was to try and avoid doing that kind of thing. The basic idea that a database lives longer than an app has yet to be addressed in crossplane, I think. |
FWIW Google Config Connector has a |
I see that In current phase, we're working towards enabling key scenarios and going deep on quality of common pieces so that Crossplane fits the high level needs of the users rather than be just an abstraction on top of HTTP API of providers. As we upgrade more resources to |
I don't think we should allow a managed resource like a CloudSQL instance to be reused. That said, there are some bugs pointed out in this issue that need addressing. Here's some background on why our reclaim policies are how they are: crossplane/crossplane-runtime#87 (comment). This is all modelled on persistent volumes, which I believe is an appropriate model for most cloud infrastructure. Under this model you are able to reuse infrastructure, but you do so at the claim level. This is different from reusing infrastructure at the managed resource level in two important ways:
I think there's (understandably) a lot of ambiguity around what a resource claim is. I see it as what it says on the tin; a claim by an entity or entities to use some infrastructure for a particular purpose or purposes. Claims don't have to represent the needs of a single application, and don't have to be tied to the lifecycle of a single application. That all said, I would like for it to be possible but manual to reuse a managed resource. Persistent volume claims allow this; you set We have a few issues preventing this. Namely:
Agreed - this is a bug. Our claim binding reconciler should clearly indicate that binding to a released managed resource is not allowed.
Could the apps share the database at the resource claim level instead? |
I'm kind of confused by this question. Probably I'm missing something, and haven't understood the abstraction. Can you provide an example? Can I bind the same database to 2 apps? Or delete an app and re-create it and bind to the same database? Or create a new version of an app and bind to the old database during a transition period? All of those seem like valid choices. |
Sure. At risk of over-communicating, there's a few concepts in play here.
I'm going to assume your applications are modelled as Kubernetes
So if the goal is to have multiple application
So in summary, the answer to all of these is "yes", as long as you think of the Does this help at all? |
There are potentially 2 separate use cases here:
I would like to be able to bind to a SQL instance that already exists.
I would like to be able to use Crossplane to create a SQL instance, and then have it re-used by multiple claims (e.g. I deploy the same app twice).
The objective is just to save time waiting for the resource to be created. I don't want to wait 5 minutes every time I start an application, especially if I am giving a demo, or iterating fast. I am aware that the database might contain data from a previous deployment. Applications are used to dealing with that sort of thing - the database is persistent and has a long lifecycle, and the applications that consume the data are short-lived and liable to change more frequently.
What actually happens currently is
If I point a
CloudSQLInstance
to an existing resource, Crossplane happily creates a secret that contains a lot of useful information, but does not contain the database password. You can then create a claim for the instance (usingMySQLInstance
) and another secret gets created and the claim looks successful. So an application that uses the secret and tries to connect thinks it can do it, but fails when it actually needs to create a connection.Then there is a (possibly separate) problem that the default
reclaimPolicy
causes aCloudSQLInstance
to be marked asReleased
when a claim is deleted. The result is that you can subsequently claim the resource but theMySQLInstance
gets stuck in a state where it is "Managed claim is waiting for managed resource to become bindable". Again, it looks successful, but never actually becomes usable by an application. In this case the secret is never created.If it isn't possible to re-use instances, or is deemed bad practice (e.g. because the database might leak data into the next claim), maybe it would be better to make it obvious that it has failed? Refuse to accept the claim, for instance.
The text was updated successfully, but these errors were encountered: