Uploaded image for project: 'Multiple Architecture Enablement'
  1. Multiple Architecture Enablement
  2. MULTIARCH-4301

Implement ordered uninstallation of the operator

XMLWordPrintable

      We will always recommend users should delete the ClusterPodPlacementConfig BEFORE uninstalling the operator, but we may still find a way to address this issue for more safety by adding the same finalizer as in the previous paragraph to CSV, ClusterRoles, and ClusterRoleBindings that we need until the controller is done. 

       

      I did some tests adding finalizers to these resources

       

       

      # Add finalizer to all the resources related to mto
NS=openshift-multiarch-tuning-operator
#PATCH='{"metadata":{"finalizers":["finalizer.multiarch.openshift.io/pod-placement-controller"]}}'
PATCH='[{"op": "'"${1:-add}"'", "path": "/metadata/finalizers", "value": ["finalizer.multiarch.openshift.io/pod-placement-controller"]}]'
# shellcheck disable=SC2090
echo $PATCH
oc patch clusterpodplacementconfig/cluster --type=json -p="$PATCH"
oc patch deployment -n $NS multiarch-tuning-operator-controller-manager --type=json -p="$PATCH"
oc patch deployment -n $NS pod-placement-controller --type=json -p="$PATCH"
for resource in clusterrole clusterrolebinding role rolebinding serviceaccount clusterserviceversion; do
  for name in $(oc get $resource -n $NS -o name -l olm.managed=true,operators.coreos.com/multiarch-tuning-operator.openshift-multiarch-tuning-operator=); do
    oc patch "$name" -n $NS --type=json -p="$PATCH"
  done
done% 

       

      These finalizers should be added by the operator when the ClusterPodPlacmentConfig is created. They shold be removed when the ClusterPodPlacementConfig is deleted.

      If the operator removal is requested when a ClusterPodPlacemetnConfig is still set (and finalizers too), we should:

      1. Catch the event
      2. Request the deletion of the ClusterPodPlacementConfig: this will trigger what's done in https://issues.redhat.com/browse/MULTIARCH-4934
      3. Once 2 is complete, remove the finalizers. We can achieve this by 're-qeueing the operator deletion request' until no ClusterPodPlacementConfig is found.

       

      NOTE: during this procedure, the serviceAccount is already pending deletion and the Kube API server will start refusing any API request from our pods (including the removal of finalizers) after 1 minute. We should let the finalizers be removed before 0.8*60s for safety reasons in any case. It's also safe to say that the webhook is deleted at that time as we will not set finalizers for it.

      xrefs:

       

            rhn-support-adistefa Alessandro Di Stefano
            rhn-support-adistefa Alessandro Di Stefano
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: