-
Notifications
You must be signed in to change notification settings - Fork 101
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added session management routes + crd + cli interaction. #2235
Added session management routes + crd + cli interaction. #2235
Conversation
…ord into issue/217/clearing-routes
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I feel like this also needs another operator feature, like session_management: bool
. Otherwise the users will see real ugliness 💀
Co-authored-by: Michał Smolarek <[email protected]>
Co-authored-by: Michał Smolarek <[email protected]>
Co-authored-by: Michał Smolarek <[email protected]>
Ideally we would have some credentials/permissions system in place, so a random user would not be able to just We could add a route that enables/disables session management, but this seems like extra annoyance for users, due to us not having a system in place to handle this stuff? |
That's controlled via k8s RBAC. To use the route users need to have the delete verb on the sessions resource. |
To be honest, I was not thinking about access control at all. Rather compatibility with older operators, which don't have these routes. Like with |
Ah it could be nice the cli to check for feature existence, yes. |
Hmm we could just convert an |
killing all sessions
x Session operation `kill-all` failed!
x `operator session kill-all` is not supported by the mirrord-operator found in your cluster, consider updating it! 2024-02-26T18:02:45.664986Z ERROR mirrord::operator::session: not_supported="`operator session kill-all` is not supported by the mirrord-operator found in your cluster, consider updating it!"
Error: × Failed to connect to the operator, probably due to RBAC: getting status failed: ApiError: "": Failed to parse error data (ErrorResponse { status: "404 Not Found", message: "\"\"", reason: "Failed to parse
│ error data", code: 404 })
(...) Progress now shows a nicer error if operator version doesn't support the session ops. |
…Remove unused sessions_api.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks mostly good, but there are 3 things:
- Do we really need the
response.reason.contains("parse")
part when checking operator response? I think checking status code should be enough. - Same error handling logic is repeated in all 3 command handlers
- Using
OperatorApiError::KubeError
withOperatorOperation::GettingStatus
is not a good idea. User seesFailed to connect to the operator, probably due to RBAC: getting status failed
in the CLI output :x You can useOperatorApiError::UnsupportedFeature
for this. It would require fetching the operator status first (you'd need the operator version), but I think it's even better - we can check if the operator is installed before attempting to kill sessions
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wonderful 🐈
Creates a new cli command to forcefully kill one or more
OperatorSession
s.Adds a new
CustomResource
, as this new command is a a separate route in the operator from the ones that we had.