114 changes: 114 additions & 0 deletions db/migrate/20180821112856_create_openshift_service_catalog_tables.rb
@@ -0,0 +1,114 @@
class CreateOpenshiftServiceCatalogTables < ActiveRecord::Migration[5.0]
def change
create_table :container_service_brokers, :id => :bigserial, :force => :cascade do |t|
t.string :name
t.string :kind
t.string :ems_ref
t.integer :resource_version
t.text :url

t.references :ems_id, :type => :bigint, :index => true, :references => :ext_management_systems
t.references :container_projects, :type => :bigint, :index => true

t.jsonb :extra

t.datetime :ems_created_on
t.timestamps
end

create_table :container_service_classes, :id => :bigserial, :force => :cascade do |t|
t.string :name
t.string :kind
t.string :status
t.string :ems_ref
t.integer :resource_version
t.text :description
t.boolean :bindable
t.boolean :plan_updatable

t.references :ems_id, :type => :bigint, :index => true, :references => :ext_management_systems
t.references :container_projects, :type => :bigint, :index => true
t.references :container_service_brokers, :type => :bigint, :index => true

t.jsonb :extra

t.datetime :ems_created_on
t.timestamps
end

create_table :container_service_plans, :id => :bigserial, :force => :cascade do |t|
t.string :name
t.string :kind
t.string :status
t.string :ems_ref
t.integer :resource_version
t.text :description
t.boolean :free

t.references :ems_id, :type => :bigint, :index => true, :references => :ext_management_systems
t.references :container_projects, :type => :bigint, :index => true
t.references :container_service_classes, :type => :bigint, :index => true

t.jsonb :extra

t.datetime :ems_created_on
t.timestamps
end

create_table :container_service_instances, :id => :bigserial, :force => :cascade do |t|
t.string :name
t.string :kind
t.string :status
t.string :ems_ref
t.string :secret_name
t.integer :resource_version

t.references :ems_id, :type => :bigint, :index => true, :references => :ext_management_systems
t.references :container_projects, :type => :bigint, :index => true
t.references :container_service_classes, :type => :bigint, :index => {:name => 'csi_on_container_service_classes'}
t.references :container_service_plans, :type => :bigint, :index => true

t.jsonb :parameters
t.jsonb :parameters_from
t.jsonb :extra
Contributor


@Ladas Would the extra column contain the status information about a service, which is a nested hash? Here is an example of a failed service:

apiVersion: v1
items:
- apiVersion: servicecatalog.k8s.io/v1beta1
  kind: ServiceInstance
  metadata:
    creationTimestamp: 2018-08-21T14:02:39Z
    finalizers:
    - kubernetes-incubator/service-catalog
    generateName: mariadb-persistent-
    generation: 1
    name: mariadb-persistent-qdkzt
    namespace: default
    resourceVersion: "35703842"
    selfLink: /apis/servicecatalog.k8s.io/v1beta1/namespaces/default/serviceinstances/mariadb-persistent-qdkzt
    uid: dd871fef-a54a-11e8-8fb9-0a580a800009
  spec:
    clusterServiceClassExternalName: mariadb-persistent
    clusterServiceClassRef:
      name: 1750b5d6-0d11-11e8-906a-d094660d31fb
    clusterServicePlanExternalName: default
    clusterServicePlanRef:
      name: 1750b5d6-0d11-11e8-906a-d094660d31fb
    externalID: 76af97e3-5650-4583-ae85-27294677f88d
    parametersFrom:
    - secretKeyRef:
        key: parameters
        name: mariadb-persistent-parametersbori0
    updateRequests: 0
    userInfo:
      extra:
        scopes.authorization.openshift.io:
        - user:full
      groups:
      - system:authenticated:oauth
      - system:authenticated
      uid: ""
      username: admin
  **status:**
    asyncOpInProgress: false
    conditions:
    - lastTransitionTime: 2018-08-21T14:02:44Z
      message: 'The provision call failed and will be retried: Error communicating
        with broker for provisioning: Put https://apiserver.openshift-template-service-broker.svc:443/brokers/template.openshift.io/v2/service_instances/76af97e3-5650-4583-ae85-27294677f88d?accepts_incomplete=true:
        dial tcp: lookup apiserver.openshift-template-service-broker.svc on [::1]:53:
        read udp [::1]:36349->[::1]:53: read: connection refused'
      reason: ErrorCallingProvision
      status: "False"
      type: Ready
    currentOperation: Provision
    deprovisionStatus: Required
    inProgressProperties:
      clusterServicePlanExternalID: 1750b5d6-0d11-11e8-906a-d094660d31fb
      clusterServicePlanExternalName: default
      parameterChecksum: 71118b9c659a984212608999d0323deda723b5cdba0805a0e350fc49931b6604
      parameters:
        DATABASE_SERVICE_NAME: <redacted>
        MARIADB_VERSION: <redacted>
        MEMORY_LIMIT: <redacted>
        MYSQL_DATABASE: <redacted>
        NAMESPACE: <redacted>
        VOLUME_CAPACITY: <redacted>
      userInfo:
        extra:
          scopes.authorization.openshift.io:
          - user:full
        groups:
        - system:authenticated:oauth
        - system:authenticated
        uid: ""
        username: admin
    operationStartTime: 2018-08-21T14:02:44Z
    orphanMitigationInProgress: false
    reconciledGeneration: 0
kind: List
metadata:
  resourceVersion: ""
  selfLink: ""

Contributor Author


Yes, we can put it in extra or add a separate jsonb column for it. The extra column is for whatever else we need and do not have a column for (for a start, we won't be able to order and search using the stuff in jsonb, since we don't have that coded in).

Contributor Author


@syncrou @mkanoor but given the big amount of hash data, it would be nice if you guys would tell me what we actually need. So we don't bloat our DB with data we are not using for anything

Contributor


@Ladas - At this time I'm not fully sure if we know 100% what we need. I'm not opposed to jamming the full hash into the extra column for now so we have it, with the understanding that we'll adjust it and add columns once we're set on what we need. @mkanoor Thoughts?


t.datetime :ems_created_on
t.timestamps
end

create_table :container_service_bindings, :id => :bigserial, :force => :cascade do |t|
Member


According to the documentation included in this PR, a service binding represents a binding of a service instance to an application. Although the doc has a TODO to define what an application is, do we need this if we don't have a table for container_applications?

Contributor Author


this mentions application pods https://github.com/kubernetes-incubator/service-catalog/blob/master/docs/resources.md#servicebinding

right now, I am not sure what it is exactly :-)

Contributor

@syncrou syncrou Aug 21, 2018


@Ladas @gtanzillo - The binding was a way (via secrets) to provision multiple service instances, all of which are needed to form a single service. E.g. MediaWiki: provision the wiki and the db, so when the service instance is provisioned it includes both the frontend and the db as a single provisioned entity. We'll want to include bindings in this schema, as they allow us to know all the parts of a provisioned service if the catalog (service class) has a binding defined.

Contributor Author

@Ladas Ladas Aug 22, 2018


Ok, so this is something we need?

Or we don't, because you've used past tense for 'The binding was a way'? :-)

t.string :name
t.string :kind
t.string :status
t.string :ems_ref
t.string :secret_name
t.integer :resource_version

t.references :ems_id, :type => :bigint, :index => true, :references => :ext_management_systems
t.references :container_projects, :type => :bigint, :index => true
t.references :container_service_instances, :type => :bigint, :index => {:name => 'csb_on_container_service_instances'}

t.jsonb :parameters
t.jsonb :parameters_from
t.jsonb :extra

t.datetime :ems_created_on
t.timestamps
end

create_table :container_secrets, :id => :bigserial, :force => :cascade do |t|
Contributor


Is this for k8s Secret objects?
So far we refrained from fetching them. MIQ having them will increase attack surface of all software running in cluster (and increase minimal permissions miq needs; not sure if default setup already gives us access to secrets).
What's the use case?

Contributor Author


So I think we might need just the secret names, but I am not sure. We will definitely not be storing the secrets themselves. Might be, we don't need these at all @syncrou @mkanoor ?

t.string :name
t.string :kind
t.string :ems_ref
t.integer :resource_version

t.references :ems_id, :type => :bigint, :index => true, :references => :ext_management_systems
t.references :container_projects, :type => :bigint, :index => true

t.jsonb :extra

t.datetime :ems_created_on
t.timestamps
end
end
end
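Review bot: The `t.jsonb :parameters` columns on `container_service_instances` and `container_service_bindings` would persist provisioning parameters as plain jsonb, and such parameters may include passwords or tokens that users passed inline (the sample object quoted in the thread shows the catalog itself redacting parameter values under `status`). Consider keeping only `parameters_from`, which in that sample carries a secret name and key rather than values, or put a comment above the column such as `# parameter values may be sensitive; redact or store keys only before saving` so the refresh code is written against that contract; the same caution applies if the full object hash is stored in `extra`. Separately, `:force => :cascade` on every `create_table` drops an existing table of the same name together with dependent objects when the migration runs, so in a migration the safer form is `create_table :container_service_brokers, :id => :bigserial do |t|`. Also, `t.references :ems_id` and `t.references :container_projects` appear to yield columns named `ems_id_id` and `container_projects_id`, since `references` appends `_id` to the name it is given; `t.references :ems` and `t.references :container_project` look like the intent, and the same holds for the other plural reference names in this file.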