OADP-5079 Add support for legacy aws plugin #1565
Conversation
openshift-ci
bot
added
the
do-not-merge/work-in-progress
|
PR is in Draft state now because this won't work until we have quay builds for the legacy plugin |
openshift-ci
bot
added
the
approved
| @@ -75,6 +76,7 @@ const ( | |||
| // Plugin names | |||
There was a problem hiding this comment.
This is confusing for me. Plugin names are aws, gcp, etc, for me. This is only used as the container name of each plugin, right?
There was a problem hiding this comment.
The container name is the only actual "name" string that's used in the velero side of the configuration -- as the container name. aws/gcp/etc. only exist as values for the velero default plugin list. So from a velero point of view, this is the plugin name.
| @@ -25,6 +25,7 @@ type DefaultPluginFields struct { | |||
| PluginImage string | |||
| PluginSecretKey string | |||
| PluginName string | |||
There was a problem hiding this comment.
would change this to ContainerName to avoid confusion
| @@ -398,9 +399,9 @@ func (r *DPAReconciler) validateGCPBackupStorageLocation(bslSpec velerov1.Backup | |||
| return nil | |||
| } | |||
|
|
|||
| func pluginExistsInVeleroCR(configuredPlugins []oadpv1alpha1.DefaultPlugin, expectedPlugin oadpv1alpha1.DefaultPlugin) bool { | |||
| func pluginExistsInVeleroCR(configuredPlugins []oadpv1alpha1.DefaultPlugin, expectedProvider string) bool { | |||
There was a problem hiding this comment.
This is a duplication of the function changed in controllers/vsl.go. I would delete function in that file and use this one
This function name is wrong, no? From what I see in code, DPA was called velero at some point in time. It should be pluginExistsInDPA or something like this, right?
There was a problem hiding this comment.
I was trying to avoid making major functionality changes since we want to backport to 1.4. The only change here is we're passing a regular string rather than a string that's typecast to expectedPlugin -- until this change, the plugin name and the provider were always the same. Now they're not, since both legacy-aws and aws have the provider aws.
| @@ -412,7 +413,7 @@ func (r *DPAReconciler) validateProviderPluginAndSecret(bslSpec velerov1.BackupS | |||
| return nil | |||
| } | |||
| // check for existence of provider plugin and warn if the plugin is absent | |||
| if !pluginExistsInVeleroCR(r.dpa.Spec.Configuration.Velero.DefaultPlugins, oadpv1alpha1.DefaultPlugin(bslSpec.Provider)) { | |||
| if !pluginExistsInVeleroCR(r.dpa.Spec.Configuration.Velero.DefaultPlugins, bslSpec.Provider) { | |||
| r.Log.Info(fmt.Sprintf("%s backupstoragelocation is configured but velero plugin for %s is not present", bslSpec.Provider, bslSpec.Provider)) | |||
There was a problem hiding this comment.
@stillalearner changed this in VSL from a warning log and warning event to error validation. I think it makes sense to do the same for BSLs
Sachin, so there is validation here #1559 (comment)
There was a problem hiding this comment.
The goal of this PR is not to change how BSLs work but to react to adding a new plugin where plugin name and provider don't match anymore. If we want to change validation rules, that should be a separate PR.
There was a problem hiding this comment.
@mateusoliveira43 @sseago Sure, Thanks ! Will create a separate PR for this validation . Noted.
| @@ -155,5 +165,10 @@ func (r *DPAReconciler) ValidateVeleroPlugins(log logr.Logger) (bool, error) { | |||
| } | |||
| } | |||
| } | |||
|
|
|||
| if foundAWSPlugin && foundLegacyAWSPlugin { | |||
There was a problem hiding this comment.
I would change code here to something like
if slices.Contains(dpa.Spec.Configuration.Velero.DefaultPlugins, oadpv1alpha1.DefaultPluginAWS) &&
slices.Contains(dpa.Spec.Configuration.Velero.DefaultPlugins, oadpv1alpha1.DefaultPluginLegacyAWS) {I think it is easier to read
There was a problem hiding this comment.
Readability is subjective here. I would find that change harder to read -- but we're already iterating over the slice once above. Adding this would mean 2 more iterations.
openshift-ci
bot
removed
the
do-not-merge/work-in-progress
|
/retest |
|
TODO: Add legacy-aws to e2e |
|
/test 4.16-e2e-test-aws |
1 similar comment
|
/test 4.16-e2e-test-aws |
controllers/validator.go
Outdated
| @@ -104,10 +104,20 @@ func (r *DPAReconciler) ValidateVeleroPlugins(log logr.Logger) (bool, error) { | |||
| } | |||
| } | |||
|
|
|||
| foundAWSPlugin := false | |||
| foundLegacyAWSPlugin := false | |||
| for _, plugin := range dpa.Spec.Configuration.Velero.DefaultPlugins { | |||
| pluginSpecificMap, ok := credentials.PluginSpecificFields[plugin] | |||
| pluginNeedsCheck, foundInBSLorVSL := providerNeedsDefaultCreds[string(plugin)] | |||
There was a problem hiding this comment.
Do we also need to change here because of line 94?
There was a problem hiding this comment.
@mateusoliveira43 You are correct again. I'll fix this.
There was a problem hiding this comment.
I ran E2E tests in my IBM cluster, by changing $PROVIDER here
to
legacy-aws and they all passed ✅ (did not run virt tests)
I also ran some commands like grep -Inr "DefaultPlugins" . --exclude-dir=tests --exclude=\*_test.go, and I think all necessary code changes were made, except for this question #1565 (comment)
FYI @mateusoliveira43 If this worked for you and have completed the code review I would expect to see you vote as well sir. Thank you |
|
Testing will be covered here: https://issues.redhat.com/browse/OADP-5106 |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: mateusoliveira43, shubham-pampattiwar, sseago The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/lgtm |
|
/override ci/prow/4.17-e2e-test-kubevirt-aws |
|
@kaovilai: Overrode contexts on behalf of kaovilai: ci/prow/4.17-e2e-test-kubevirt-aws In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/override ci/prow/4.17-e2e-test-kubevirt-aws |
|
@sseago: Overrode contexts on behalf of sseago: ci/prow/4.17-e2e-test-kubevirt-aws In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
openshift-merge-bot
bot
merged commit 0d5ba7b
into
openshift:master
|
@sseago: The following test failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
Why the changes were made
Certain s3 providers don't support the AWS SDK v2 updates made in velero-plugin-for-aws v1.9+ (OADP 1.4+). This PR provides the ability to use the v1.8 plugin in a newer OADP environment.
How to test the changes made
In the DPA
DefaultPluginssection, uselegacy-awsinstead ofaws. S3 providers that work with the regular aws plugin should still work here. S3 providers that error out in various ways with the regular plugin should also work.