-
Notifications
You must be signed in to change notification settings - Fork 912
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Design Document for Cross-Resource Dependencies #4100
Comments
I've put some thinking on what an API would look like for a generic type that would solve both the deletion ordering and generic referencing starting from the one proposed here.
The first issue I was having was the confusion with the reversed direction of the from/to fields compared to the one that my brain used to (from the composition patches). Especially when I want to include transforms, then it gets more confusing, e.g. When I imagine the future of this API with similar support as composition patches with transforms, I ended up introducing a new apiVersion: apiextensions.crossplane.io/v1alpha1
type: Reference
metadata:
name: subnet-to-vpc
spec:
type: PatchesFieldPath
patchesFieldPath:
from:
apiVersion: network.aws.crossplane.io/v1alpha2
kind: VPC
name: my-vpc
fieldPath: metadata.annotations[crossplane.io/external-name]
to:
apiVersion: network.aws.crossplane.io/v1alpha2
kind: Subnet
name: my-subnet
# Note the optional fieldPath is specified here and below.
fieldPath: spec.forProvider.vpcId
transforms:
- type: string
string:
fmt: "id:%s" apiVersion: apiextensions.crossplane.io/v1alpha1
type: Reference
metadata:
name: subnet-to-vpc
spec:
type: PatchesWithCombine
patchesWithCombine:
variables:
from:
- apiVersion: s3.aws.crossplane.io/v1beta1
kind: Bucket
name: my-bucket
fieldPath: metadata.annotations[crossplane.io/external-name]
- apiVersion: s3.aws.crossplane.io/v1beta1
kind: Bucket
name: my-bucket
fieldPath: metadata.annotations[crossplane.io/external-name]
strategy: string
to:
apiVersion: iam.aws.crossplane.io/v1beta1
kind: Policy
name: my-policy
fieldPath: spec.forProvider.document
string:
fmt: |
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [ "s3:*" ],
"Resource": [
"arn:aws:s3:::%s",
"arn:aws:s3:::%s/*"
]
}
]
} I don't know the exact details of the reasoning behind the design of the API for Combine* type patches and but if it were purely for backward compatibility, we could still come up with a more straightforward API here without requiring to introduce the However, at this point, I am starting to believe the patching case (generic cross-resource referencing) would require more consideration and grow in a different direction, not necessarily related to the deletion-ordering use case not only API-wise but also implementation-wise. So, I am questioning whether we would really want to solve the two use cases with one API:
|
We are mostly aligned that using separate API types for deletion ordering and generic cross-resource referencing is the way to go. With the design PR for deletion ordering opened, proposing a |
@turkenh I was just going to post here when the issue was closed. Is there now another issue to track for "generic cross-resource referencing"? Generic cross-resource referencing is really the most important part for us. We're building the infrastructure management part of our IDP around Crossplane. Our main cloud vendor i Azure, which means that almost every XRD needs to a reference to a resource group claim. Plus other cases like a PostgreSQL Database referencing the PostgreSQL Server it's in. My gut feeling was that it would make sense to have a single API for them since having a reference from one resource to another typically means that you want the former to be deleted before the latter. This holds true for for the examples I gave above, i.e. Azure resource groups should be deleted after the resources in them, a PostgreSQL Database should be deleted before the PostgreSQL Server it's in. It might be though that this will be handled by Azure, i.e Azure might just refuse to delete a non-empty resource groups, but it doesn't feel great to have to depend on the downstream behavior, which probably varies a lot. |
Yes. This was a feature being tracked already here and here.
While this sounds valid in theory, we are not aware of any real use cases where you need to define a deletion ordering between two cloud resources, especially when they are part of the same cloud provider. For example, when you compose an Azure ResourceGroup together with an Azure Database and delete the composite deleting them together, you won't get a rejection with the deletion of the Database, which is handled by the cloud provider, as you stated. With that said, I acknowledge that there could be cases where you want to block deletion of the resource you patched from, but it is not common enough to limit ourselves to building a combined API and go with a more explicit approach. One can always define a |
What problem are you facing?
As the project continues to evolve, we have identified two prominent patterns of dependencies between managed resources:
After initial discussions and investigations (#1770, #3393 and this doc) we have come to believe that both types of dependencies could be addressed through a unified design by introducing a new type as proposed here.
How could Crossplane help solve your problem?
Write a design doc for cross-resource dependencies.
The text was updated successfully, but these errors were encountered: