handle upgrade kafka from zookeeper to kraft #1284
Conversation
ldpliu
force-pushed
the
kafka-upgrade
branch
5 times, most recently
from
e6b8013 to
09f9a2d
Compare
| @@ -1,7 +1,7 @@ | |||
| apiVersion: kafka.strimzi.io/v1beta2 | |||
| kind: KafkaNodePool | |||
| metadata: | |||
| name: kafka | |||
| name: kraft | |||
There was a problem hiding this comment.
why change the name to Kraft? It seems wired to name a resource to kraft.
There was a problem hiding this comment.
why change the name to
Kraft? It seems wired to name a resource tokraft.
If we do not change the name, the pvc will conflict in upgrade env.
There was a problem hiding this comment.
Kraft is an algorithm. Maybe we can just name it kafka-node-pool or kafka-cluster to distinguish it from the original one.
There was a problem hiding this comment.
Kraft is an algorithm. Maybe we can just name it
kafka-node-poolorkafka-clusterto distinguish it from the original one.
Sure, we could change it, @clyang82 what's your suggestion?
There was a problem hiding this comment.
How about use name: "global-hub" as kafkanodepool name
There was a problem hiding this comment.
There are several options for now:
- global-hub
- global-hub-kafka
- multicluster-global-hub-kafka
- kafka-cluster
- kafka-node-pool
I suggest using the name multicluster-global-hub-kafka for the built-in Kafka, which aligns with the built-in Postgres(multicluster-global-hub-postgresql)
There was a problem hiding this comment.
Note: you can define the nodepool instance with multicluster-global-hub, and all the broker instances will automatically have the suffix -kafka, if I recall correctly.
There was a problem hiding this comment.
I would like to use kraft as a name, and then the kafka pod name can be kafka-kraft-0. it is easy to understand the kafka is use kraft mode.
There was a problem hiding this comment.
Ok, it looks like we have the final decision. Let's go with the name kraft
doc/reserved_names/README.md
Outdated
| @@ -22,6 +22,7 @@ List all annotations are used by multicluster global hub. | |||
| |global-hub.open-cluster-management.io/import-cluster-in-hosted=true\|false | This annotation is used to identify if managedhub cluster should be imported in hosted mode | | |||
| | global-hub.open-cluster-management.io/with-inventory | This annotation is used to identify the common inventory is deployed. | | |||
| | global-hub.open-cluster-management.io/with-stackrox-integration | This annotation enables the experimental integration with [Stackrox](https://github.com/stackrox).| | |||
| | global-hub.open-cluster-management.io/resync-kafka-client-secret | This annotation is used to identify if the kafka client secret is resynced in agent.| | |||
There was a problem hiding this comment.
Is this annotation to indicate the agent should resign the client certificates?
There was a problem hiding this comment.
Is this annotation to indicate the agent should resign the client certificates?
it means the secrete re-synced.
There was a problem hiding this comment.
maybe use resign-kafka-client-secret or regenerate-kafka-client-secret
There was a problem hiding this comment.
if you add the annotation, will it be removed by addon framework?
There was a problem hiding this comment.
if you add the annotation, will it be removed by addon framework?
No
| @@ -1,7 +1,7 @@ | |||
| apiVersion: kafka.strimzi.io/v1beta2 | |||
| kind: KafkaNodePool | |||
| metadata: | |||
| name: kafka | |||
| name: kraft | |||
There was a problem hiding this comment.
I would like to use kraft as a name, and then the kafka pod name can be kafka-kraft-0. it is easy to understand the kafka is use kraft mode.
| @@ -448,7 +492,7 @@ func (k *strimziTransporter) GetConnCredential(clusterName string) (*transport.K | |||
| // topics | |||
| credential.StatusTopic = config.GetStatusTopic(clusterName) | |||
| credential.SpecTopic = config.GetSpecTopic() | |||
|
|
|||
| credential.IsNewKafkaCluster = k.isNewKafkaCluster | |||
There was a problem hiding this comment.
it may have a case that the value is set as true firstly and the the operator is restarted, the value is set as false.
There was a problem hiding this comment.
it may have a case that the value is set as true firstly and the the operator is restarted, the value is set as false.
I think it's fine, we only use it once. after agent resynced secret, it is useless
doc/reserved_names/README.md
Outdated
| @@ -22,6 +22,7 @@ List all annotations are used by multicluster global hub. | |||
| |global-hub.open-cluster-management.io/import-cluster-in-hosted=true\|false | This annotation is used to identify if managedhub cluster should be imported in hosted mode | | |||
| | global-hub.open-cluster-management.io/with-inventory | This annotation is used to identify the common inventory is deployed. | | |||
| | global-hub.open-cluster-management.io/with-stackrox-integration | This annotation enables the experimental integration with [Stackrox](https://github.com/stackrox).| | |||
| | global-hub.open-cluster-management.io/resync-kafka-client-secret | This annotation is used to identify if the kafka client secret is resynced in agent.| | |||
There was a problem hiding this comment.
maybe use resign-kafka-client-secret or regenerate-kafka-client-secret
doc/reserved_names/README.md
Outdated
| @@ -22,6 +22,7 @@ List all annotations are used by multicluster global hub. | |||
| |global-hub.open-cluster-management.io/import-cluster-in-hosted=true\|false | This annotation is used to identify if managedhub cluster should be imported in hosted mode | | |||
| | global-hub.open-cluster-management.io/with-inventory | This annotation is used to identify the common inventory is deployed. | | |||
| | global-hub.open-cluster-management.io/with-stackrox-integration | This annotation enables the experimental integration with [Stackrox](https://github.com/stackrox).| | |||
| | global-hub.open-cluster-management.io/resync-kafka-client-secret | This annotation is used to identify if the kafka client secret is resynced in agent.| | |||
There was a problem hiding this comment.
if you add the annotation, will it be removed by addon framework?
ldpliu
force-pushed
the
kafka-upgrade
branch
from
09f9a2d to
675b0f7
Compare
| } | ||
| signedSecret := &corev1.Secret{ | ||
| ObjectMeta: metav1.ObjectMeta{ | ||
| Name: kafkaConn.ClientSecretName, |
There was a problem hiding this comment.
In the BYO case, the ClientSecretName might be empty in the kafkaConn. So, you need to assert it is not empty before retrieving the secret.
Signed-off-by: root <[email protected]>
ldpliu
force-pushed
the
kafka-upgrade
branch
from
675b0f7 to
b36ba67
Compare
| } | ||
| log.Infof("update transport config secret") | ||
|
|
||
| transportSecret.Annotations[constants.ResyncKafkaClientSecretAnnotation] = "true" |
There was a problem hiding this comment.
We need to confirm whether the annotation is overwritten by AppliedManifestWork or not.
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: clyang82, ldpliu The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
Summary
Related issue(s)
Fixes #
https://issues.redhat.com/browse/ACM-16108
Tests
make unit-tests.make integration-test.make e2e-test-all.