split plans off of service classes

[MHBauer]

a start on #454

need to fix the integration tests, probably e2es as well

[MHBauer]

this is wicked gnarly to rebase and keep everything working.

[arschles]

@MHBauer can you rename the title to something more descriptive please? Specifically, I'd like to know which part of #454 this addresses

[pmorie]

Overall comment: I don't think information about plans should live in two places - it will get out of sync otherwise.

I might be able to be convinced on this eventually, but I think so far we only had consensus on splitting the resources.

Suggest that for now, we should just split the resources, and talk through whether there should be high-level information about plans on the service class later.

[pmorie]

Did you mean to commit this?

[MHBauer]

Yes, I was a little weirded out seeing the other codegen run and not the client-generator.

[pmorie]

Probably less bikeshed-accretion risk here to just keep the current name.

[MHBauer]

In a pure split, what is this made up of?

[MHBauer]

Should this now have a slice of v1.LocalObjectReference?

[pmorie]

If we're just splitting, plans should just reference the service class and we should remove this array field of ServiceClass.

Two-way references are very difficult to maintain.

[MHBauer]

Plan -> ServiceClass
not
ServiceClass -> Plan.

Isn't this an inversion of the current arrangement? Is there any particular justification for either direction?

[duglin]

we'll need to be able to traverse from the serviceclass to the plan quickly - can the controller (or is it "owner"?) property on serviceclass help here?

[MHBauer]

@duglin
I don't know what that is. Do you mean the BrokerName? Shouldn't that be some kind of ObjectReferece?

It sounds like you are disagreeing with the reference direction proposed.

[pmorie]

I'm not sure what Plan is vs. ServicePlan - I had thought we agreed to just split them rather than keeping some information in two places.

[pmorie]

I don't think it's going to be profitable to store this information in two places - they will get out of sync.

[duglin]

I think this might be related something I don't think we resolved... when I GET a serviceclass how much of the Plan is pulled back with it? If there are 300 plans do we want to force the UI/client to do 300 GETs too? See #454 (comment)

[pmorie]

Just a thought: it might be worth holding off on this until we can get some clarity on what the kubernetes names of these entities should be.

[MHBauer]

@pmorie where can we go push on the naming board or api board or whatever?

[MHBauer]

I don't think renaming blocks this.

Do we need a separate design?

What are thoughts on the references?
Plan -> ServiceClass
OR
ServiceClass -> Plan

[duglin]

I think talking about this during one of our design sessions would be good.

It might also be good to try to split the discussion into smaller pieces, I think there are at least two independent topics:
1 - which properties are in Service vs Plan and which (if any) are duplicated?
2 - how to manage the references? S->P or P->S

If you could come up with a concrete proposal for each, to help focus the discussion, then we can discuss them on an upcoming call.

[pmorie]

@MHBauer

I don't think renaming blocks this.

Yeah, I agree with you. I had misread your PR when I made this comment.

[MHBauer]

note: don't forget to add rbac for plans

[MHBauer]

This should build and finish through the integration tests.

I don't think I took out anything of the integration tests, but I also didn't add anything new.

[MHBauer]

We can probably turn some of the test verbosity down now...

[MHBauer]

Already seen some flakes I would have guessed existed. I'm not sure how tenable the maintenance of this approach is. I'll try and get it passing again, but I think this concept needs another think.

I may be over thinking this.

[MHBauer]

Seems only TPR was failing. Have attempted a fix.

[pmorie]

Excellent start, found a few nits or apparent TODOs. Only thing I think we should talk about is the type of the service class reference.

[pmorie]

is the -v argument intentional here?

[MHBauer]

debug

[duglin]

now that it appears to be working, can we remove the -v ?

[MHBauer]

yes. whoops.

[pmorie]

I think that we can use ServiceClassName here. LocalObjectReference is advantageous when you anticipate needing to make a local reference into a namespaced reference in the future. I don't think we anticipate that here.

[MHBauer]

What is ServiceClassName?

[duglin]

I think he means just use string and put the service class's name in there. However, at some point we may need to have namespaced classes/plans at some point - so would keeping LocalObjectRef be safer? In CF-land they have the notion of making certain services available only to certain orgs (they are not globally available to everyone), so it seems very possible we'll need that too at some point.

[duglin]

On a related question, if we allow for serviceclasses to be namespaced in the future will that be a backward incompatible change for our APIs? I think its just a matter of adding a namespace property when needed, right?

[duglin]

And... can a resource type be both namespaced and not namespaced? Meaning, can I have one instance of ServiceClass be namespaced and nother one be un-namespaced?

[MHBauer]

This seems the more kube-y way to do that to me. LocalObjectRef is a Name.

[pmorie]

Same comment about typing.

[pmorie]

I believe that we will need to prefix the name of the service plan with the name of the service class. Plan names are only unique within a service, and not globally. I don't think this yields the greatest names, but we can fix that with porcelain.

Totally open to talking through this in a meeting, and I realize it is an intersection with an unresolved issue (#802).

[MHBauer]

Fix it later.

[duglin]

we should discuss this before beta. Morgan can you open an issue and put it in the 0.1.0 milestone so we don't forget.

[MHBauer]

okay

[pmorie]

Circling back in this group of comments for posterity:

We decided in a SIG meeting for now to use $name-$id as the kubernetes names of services to spur ourselves to finish figuring out what to do with the kubernetes names of these objects.

[pmorie]

Looks like an old comment

[MHBauer]

yea, removing.

[pmorie]

Looks like a TODO

[pmorie]

We might want to make service class name a selectable field (in a follow-up)

[MHBauer]

I don't know what this does.

[pmorie]

Is this applicable, since ServicePlan is root-scoped?

[MHBauer]

No idea, copied serviceclass.

[pmorie]

ok

[arschles]

it's used in TPR storage

[pmorie]

ah

[nilebox]

and in CRD as well 😉

[pmorie]

is checking in -c intentional

[duglin]

I'm curious too

[pmorie]

separate PR plz

[MHBauer]

Debugging improvement. Why split it out?

[pmorie]

You can split it out if you want it to land sooner. Your choice.

[MHBauer]

https://travis-ci.org/MHBauer/service-catalog/builds/270170017 works if you don't want to wait for cri-o builds to finish.

[arschles]

overall this looks good. thanks @MHBauer! also, I am ok with the local object reference.

LGTM

[arschles]

it's used in TPR storage

[MHBauer]

Everything is green, so I'll squish down into two.

[duglin]

This still has ServiceInstanceSpec.PlanName as a string, which is kind of interesting. Technically it should be an ObjectReference since Plans are now independent resources. However, keeping it a string means that we now manually go find the right Plan object by rather than just follow a ref.

We have an issue right now with the names of Plans because per the OSB API spec they only need to be unique within a service, but in Kube they need to be unique for the entire cluster.

Now, @pmorie suggested that we concat the serviceName and the planName and use that as the planName on the Plan resource. That doesn't yield the greatest UX. However, since ServiceInstanceSpec.PlanName isn't an objectRef and we need to do a manual lookup we can get away with ServiceInstanceSpec.PlanName only being the plan name itself and not the concatenation of ServiceName and PlanName - which means a nicer UX, at least for creating ServiceInstances. Its not great if you ever need to retrieve a Plan by itself because you then need to twiddle names.

I'd like to discuss this issue and the names of Plans in general on tomorrow's design call before we merge this. I'm hoping that the net result of this will be to just twiddling of these split resources but in case it ends up requiring a lot more surgery I think having one more day/talk would be good and not delaying it too much.

[duglin]

Note - at some point this will need to be scoped to just the service. But its all based on how we deal with names of plans, etc....

[pmorie]

It would be useful to have a TODO here for that

[MHBauer]

Not sure I agree with the scope of that. This does exactly and only what it should. TODO should be an issue, maybe?

[duglin]

ok this warning isn't very useful. Can we add more info to it?

[MHBauer]

I can put it back to not having any log message at all.

[duglin]

I like the idea of the msg, but I want it to be meaningful

[duglin]

s/%v/%q/ so its quoted

[duglin]

.

[MHBauer]

dup line anyway

[MHBauer]

@kibbles-n-bytes Jenkins had a "failure to set github status". Is there a retry in our code when that tries to happen, or is it part of a jenkins plugin we probably can't touch?

[MHBauer]

edited, rebased, all green.

[pmorie]

I'm taking off LGTM1 to re-review because this is a huge API change.

[kibbles-n-bytes]

@MHBauer Huh, I've never seen the GitHub status setting fail. Sounds like GitHub was just down for a brief moment. That portion is touchable and I could add a retry if necessary, but I think it's such a rare occurrence that it can wait as a "nice-to-have" feature for the time being.

[nilebox]

I like the direction of this PR, mostly just nits.

[nilebox]

As far as I can tell, the old one is being sometimes implicitly validated because we need some conversion of types, comparing fields etc.
For example, see https://github.com/kubernetes-incubator/service-catalog/blob/master/vendor/k8s.io/apimachinery/pkg/api/validation/objectmeta.go#L243
There could be errors produced as a result of invalid old object, true, but that was not the primary goal here - it was a side-effect of the need to convert types.

I haven't found any example of validating the old one just for the sake of "best practice".
Seems redundant here to me (could remove in other places in follow-up PRs as well, if we have similar code already).

[nilebox]

Shall we start checking resource types, or at least make sure that all get/create were for different types?

[nilebox]

Isn't that reverse, ServicePlan having a reference to a ServiceClass? Do we still have an array for some reason?

[MHBauer]

Good catch. I will edit this and review the whole thing to make sure it is correct.

[MHBauer]

brain fart on my part. I will update and review the whole document.

[nilebox]

nit: such resources are called "cluster scoped" (as opposed to "namespace scoped") in Kubernetes

[MHBauer]

okay, will edit.

[nilebox]

I wonder if we have the same issue for ServiceClass already. If so, how did we resolve this?
According to the spec, service name:

MUST be unique across all service objects returned in this response

so it's not globally unique either.

[MHBauer]

This is an open issue upstream as well.

[nilebox]

Where did you get this limit from?

[MHBauer]

This comes from upstream when the serviceplan name was used as a label key, it was failing.
#1047

I should get rid of that comment above.

[nilebox]

this is a bad example I guess :) should provide a legit example with UUID suffix instead.

[nilebox]

This comment seems to be misplaced now.

[MHBauer]

oops, thanks.

[nilebox]

nit: pass serviceClasses[i].Name instead of svc.Name for cleanliness.

[MHBauer]

I do not follow, what do you mean?

[nilebox]

2 lines above you take a value from svc.Name and set it to serviceClass.
convertServicePlans generates a plan which has a reference to serviceClass, right? So I would prefer to explicitly pass serviceClasses[i].Name here instead of svc.Name (even though the value is the same).

Imagine that you would change the code 2 lines-above to something like

serviceClasses[i].SetName(svc.Name + generateUuid())

in this case the name you pass into convertServicePlans would be out of sync. With my change it wouldn't.

[nilebox]

?

[MHBauer]

I think this was more of a top-level 'what are we doing here' type comment, but in context it is pretty useless. I'll remove it, but I think we should try and get a group together to review the default service plan admission controller.

[jboyd01]

I hate to add more work here Morgan, but #1210 was merged yesterday that added a new admission controller that blocks changes to an instance's service plan if the plan is not updatable.

[MHBauer]

I'll get started on the refresh Monday morning.

[MHBauer]

Green Jenkins, phew.

[pmorie]

Seems like there's a follow-up issue here - do you want to create one?

[jboyd01]

If memory serves me, I tried this with returning an error, it broke unit tests, so I figured this was the desired behavior.

[MHBauer]

I suppose this particular thing is not concerned with whether the instance refers to a valid service class. We can let it through on the recognition that it will be caught later in the actual validation stages.

Weird, but I think that is the correct analysis. Thoughts?

[pmorie]

I'm concerned that the walkthrough e2es may not be testing the correct version of the code. When I try to run the walkthrough locally, the controller can't create serviceplans for the ups-broker:

apiVersion: servicecatalog.k8s.io/v1alpha1
kind: ServiceBroker
metadata:
  creationTimestamp: 2017-09-19T13:39:46Z
  finalizers:
  - kubernetes-incubator/service-catalog
  generation: 1
  name: ups-broker
  resourceVersion: "3"
  selfLink: /apis/servicecatalog.k8s.io/v1alpha1/servicebrokers/ups-broker
  uid: 00183ac8-9d40-11e7-a37c-0242ac110005
spec:
  url: http://ups-broker-ups-broker.ups-broker.svc.cluster.local
status:
  conditions:
  - lastTransitionTime: 2017-09-19T13:39:46Z
    message: 'Error syncing catalog from ServiceBroker. Error reconciling servicePlan
      "default-86064792-7ea2-467b-af93-ac9694d96d52" (broker "ups-broker"): serviceplans.servicecatalog.k8s.io
      is forbidden: User "system:serviceaccount:catalog:service-catalog-controller-manager"
      cannot create serviceplans.servicecatalog.k8s.io at the cluster scope'
    reason: ErrorSyncingCatalog
    status: "False"
    type: Ready
  reconciledGeneration: 0

Going to try the e2e next.

[pmorie]

So, I am not sure at all how e2e could be passing, and I found a bug in the rbac setup for which I needed to create https://github.com/MHBauer/service-catalog/pull/3.

I think we should ensure that we understand why the tests showed as green before we merge this.

[pmorie]

Adding do-not-merge for now to avoid an accidental merge until we can figure out why the tests appeared to pass.

[kibbles-n-bytes]

@pmorie @MHBauer Looking into it now.

[MHBauer]

Oh ya, missed my own reminder. whoops.
#1106 (comment)

[MHBauer]

something weird is going on with lint.

[MHBauer]

Green again.

[vaikas]

@pmorie verified RBAC rules as per discussion on the slack channel. Merging.

[ash2k]

This could be just an Owner Reference with Controller=true?

[MHBauer]

It's merged, so we can do followups now.

What does controller=true mean?

[nilebox]

@MHBauer Kubernetes object could have multiple OwnerReferences, but only one of them could be a controller ("true owner").
IMO a dedicated ServiceClassRef makes sense there, and provides a better more transparent UX.

That said, I agree with @ash2k that we should also set OwnerReference to make sure there is no clash between different classes having plans with same UUIDs/names.
It will also prevent deletion of ServiceClass if it has existing ServicePlan referencing it.

See pull request #979 for the example of how I set OwnerReference for secret owned by binding.

[ash2k]

See item 11 https://github.com/kubernetes/community/blob/master/contributors/devel/controllers.md
and https://github.com/kubernetes/community/blob/master/contributors/design-proposals/api-machinery/controller-ref.md for details.