H4HIP: Helm Sequencing Proposal #373
Conversation
…tallations and upgrades. Signed-off-by: Joseph Beck <[email protected]>
Signed-off-by: Joe Beck <[email protected]>
- Seuencing logic - Readiness logic Signed-off-by: Evans Mungai <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
Jeb135
changed the title
hips/hip-00xx-sequencing.md
Outdated
|
|
||
| ## Abstract | ||
|
|
||
| This HIP is to propose a new featureset in Helm 4 to provide Application developers, who create heam charts for their applications, a well supported way of defining what order chart resources and chart dependencies should be deployed to Kubernetes. |
There was a problem hiding this comment.
Does this proposal also include sequencing for uninstall, or only install/upgrade? For example, waiting to uninstall a resource until all that depends on it have completely uninstalled?
There was a problem hiding this comment.
Good point I didn't think about that. At least with uninstall it can just be done backwards to the installation, but upgrade would add some complexity that I'm not sure how to tackle.
There was a problem hiding this comment.
I added a section to clarify that this would apply to all 3, installation/uninstall/upgrade
hips/hip-00xx-sequencing.md
Outdated
|
|
||
| ## Rationale | ||
|
|
||
| ### Proposal 1: Named Dependencies |
There was a problem hiding this comment.
Personally, I quite like the general direction of proposal 1—as a replacement of numeric weights entirely—over proposal 2, which extends that. My point of view is I would like to move the numeric weighting into the "alternatives considered" section. But would like to hear other maintainers and community feedback on this.
I have wanted to introduce a depends_on functionality for helm resources—as a dynamic alternative to weights—to allow users to specify a specific order they are applied (a similar concept is used by used by projects like terraform, flux, and docker-compose).
My main reasoning for this is numbered weights are static—you must know the entire list of how all resources should be ordered, and this often takes a lot of finagling and fussing to get it right.
While named dependencies are dynamic—creating a DAG on the fly, based only on when and if certain resources have an actual dependency on one or more other resources.
It might be good to note some of this in the proposal. I could sketch up some suggested text for this if you prefer, but would also be happy for you to take a stab at it in your HIP. What do you think?
There was a problem hiding this comment.
Go ahead! I'll add you as a contributor, I appreciate the assistance.
There was a problem hiding this comment.
I moved the weights proposal to rejected ideas and tried to capture some of the points you made here in why.
hips/hip-00xx-sequencing.md
Outdated
| Today, to accomplish resource sequencing you have two options. The first is leveraging helm hooks, the second is building required sequencing into the application (via startup code or init containers). The existing hooks and weights can be tedious to build and maintain for Application developers, and built-in app sequencing can unecessarily increase complexity of a Helm application that needs to be maintained by Application Developers. Helm as a package manager should be capable of enabling developers to properly sequence how their applications are deployed, and by providing such a mechanism to developers, this will significantly improve the Application developer's experience. | ||
|
|
||
| Additionally, Helm currently doesn't provide a way to sequence when chart dependencies are deployed, and this featureset would ideally address this. |
There was a problem hiding this comment.
When it comes to sequencing, I'm not sure what you mean is clear in the document. I could come to two different conclusions:
- The ordering of resources when they are uploaded to the k8s API server in one push
- An ordered set of communications to the k8s API server where set it sent and completed prior to the next one being sent
Can you please provide some more clarity on what you mean.
There was a problem hiding this comment.
2 is what we're going for here. I'll make a note to try and make that more clear.
There was a problem hiding this comment.
Clarified what "resource sequencing" meant in the HIP
hips/hip-00xx-sequencing.md
Outdated
|
|
||
| Helm would scope each subchart layer annotation names using a delimiter e.g `someChartDependency#mylayer` to avoid any name collisions. This is an internal implementation detail rather than feature chart authors or operators would need to know. | ||
|
|
||
| `helm template` would print all resources in the order they would be deployed. Groups of resources in a layer would be delimited using a `## Layer: <name>` comment indicate the beginning of each layer |
There was a problem hiding this comment.
The # at the front denotes a comment. I'm not sure the k8s yaml parser, that we currently use and is supported by the k8s project, provides a means to parse and use data in comments. This needs to be investigated before this possibility could be considered. See https://github.com/kubernetes-sigs/yaml
There was a problem hiding this comment.
For reference, the ## Layer: <name> would be above/below # Source:. Maybe there is no need for 2 #. We can have it be # Layer: <name>.
helm template from an example chart
---
# Source: foo/templates/tests/test-connection.yaml
apiVersion: v1
kind: Pod
metadata:Signed-off-by: Evans Mungai <[email protected]>
Co-authored-by: Scott Rigby <[email protected]> Signed-off-by: Evans Mungai <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
…intentions on how/why this should be built Signed-off-by: Joe Beck <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
|
I made some changes to allow a chart author to build a dependency of subcharts. Its based on #373 (comment) post I had made earlier |
|
This HIP will depend on #374 HIP |
Signed-off-by: Evans Mungai <[email protected]>
…sources Signed-off-by: Evans Mungai <[email protected]>
|
What happens when it breaks? How will partial successes be rolled back? What if a rollback fails a stage? |
Which also makes me think about storage. Will each stage need to be a release in order to manage failures and rollbacks? What will that do to storage requirements? |
Signed-off-by: Evans Mungai <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
hips/hip-00xx-sequencing.md
Outdated
| The following annotations would be added to enable this. | ||
|
|
||
| *Additions to templates* | ||
| - `helm.sh/layer`: Annotation to declare a layer that a given resource belongs to. Any number of resources can belong to a layer. A resource can only belong to one layer. |
There was a problem hiding this comment.
layer is not very descriptive into how its being used. End users may not understand how it can/should be used
There was a problem hiding this comment.
layeris not very descriptive into how its being used. End users may not understand how it can/should be used
I'll rename this to resource-group. I think this is a clearer name. Its come up before.
There was a problem hiding this comment.
I think resource-group is much more clear. It's self-explanatory, unlike "layer" 👍
There was a problem hiding this comment.
@sabre1041 here are the renaming changes
hips/hip-00xx-sequencing.md
Outdated
| - `helm.sh/depends-on/layers`: Annotation to declare layers that must exist and in a ready state before this resource can be deployed. Order of the layers has no significance | ||
|
|
||
| *Additions to Chart.yaml* | ||
| - `helm.sh/depends-on/subcharts`: Annotation added to `Chart.yaml` to declare chart dependencies, by name or tags, that must be deployed fully and in a ready state before the chart can be deployed. For the dependency or subchart chart to be declared ready, all of its resources, with their sequencing order taken into consideration, would need to be deployed and declared ready. Order of the charts has no significance. |
There was a problem hiding this comment.
How will the dependency of subcharts be handled as it relates to tags and name? is there a concern if there is an overlap between the two? should a distinction be made?
There was a problem hiding this comment.
Good catch. I believe this ought to have been "name" or "alias". Alias would be preferred.
There was a problem hiding this comment.
@sabre1041 here is the change
There was a problem hiding this comment.
Yes good note about alias. I believe this would have been addressed in the implementation but glad it's called out in the HIP.
hips/hip-00xx-sequencing.md
Outdated
|
|
||
| ### Readiness | ||
|
|
||
| In order to enforce sequencing, Helm will check that resources are ready using `kstatus` [ready condition](https://github.com/kubernetes-sigs/cli-utils/blob/master/pkg/kstatus/README.md#the-ready-condition) allowing helm to proceed installing the next group of resources, or fail the install. Users can override checks using optional `helm.sh/readiness-failure` and `helm.sh/readiness-success` annotations which are jsonpath queries to check status fields of the annotated resource. If any of the checks in the lists evaluate as true, the readiness check is determined as successful/failed. `helm.sh/readiness-timeout` annotation can be used to override how long Helm should wait when performing readiness checks before bailing out. It defaults to `10s`. |
There was a problem hiding this comment.
Does there need to be some commentary/discussion regarding how to construct readiness-success and/or readiness-failure?
There was a problem hiding this comment.
Does there need to be some commentary/discussion regarding how to construct
readiness-successand/orreadiness-failure?
@sabre1041 I updated the doc to better explain how readiness checks work. https://github.com/Jeb135/helm-community/blob/hip-sequencing/hips/hip-00xx-sequencing.md#readiness
Co-authored-by: Andrew Block <[email protected]> Signed-off-by: Evans Mungai <[email protected]>
Co-authored-by: Andrew Block <[email protected]> Signed-off-by: Evans Mungai <[email protected]>
Co-authored-by: Andrew Block <[email protected]> Signed-off-by: Evans Mungai <[email protected]>
Co-authored-by: Andrew Block <[email protected]> Signed-off-by: Evans Mungai <[email protected]>
Co-authored-by: Andrew Block <[email protected]> Signed-off-by: Evans Mungai <[email protected]>
Co-authored-by: Andrew Block <[email protected]> Signed-off-by: Evans Mungai <[email protected]>
Co-authored-by: Scott Rigby <[email protected]> Signed-off-by: Evans Mungai <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
Signed-off-by: Evans Mungai <[email protected]>
There was a problem hiding this comment.
not a blocking review. some minor cleanup suggestions to close out this thread #373 (comment)
hips/hip-00xx-sequencing.md
Outdated
|
|
||
| In this example, helm will first install and wait for all resources of `nginx` and `rabbitmq` dependencies to be "ready" before attempting to install `bar` resources. Once all resources of `bar` are "ready" then and only then will `foo` chart resources be installed. `foo` would require `rabbitmq` to be ready but since the subchart resources would have been installed before `bar`, this requirement would have been fulfilled. | ||
|
|
||
| This approach of building a directed acyclic graph (DAG) is prone to circular dependencies. During the templating phase, Helm will have logic to detect, and report any circular dependencies found in the chart templates. Helm will also provide a command to print the DAG for development and troubleshooting purposes. |
There was a problem hiding this comment.
I think this is good and clear.
Co-authored-by: Scott Rigby <[email protected]> Signed-off-by: Evans Mungai <[email protected]>
Co-authored-by: Scott Rigby <[email protected]> Signed-off-by: Evans Mungai <[email protected]>
Co-authored-by: Scott Rigby <[email protected]> Signed-off-by: Evans Mungai <[email protected]>
There was a problem hiding this comment.
LGTM.
Thanks @scottrigby and @banjoh for not only the proposal, but the improvements and iterative enhancements
|
All feedback has been addressed. Merging! Looking forward to seeing this implemented for Helm 4 🚀 |
proposal to add resource sequencing support to Helm for v4