regex for watch-namespaces
111 views
Skip to first unread message
Anup Chandak
Aug 2, 2022, 8:28:17 AM8/2/22
to Operator Framework
Hi Team
Does the WATCH_NAMESPACE env variable on Operator Controller support regex?
As far as my reading goes, it does not support regex.
Is there any other way to achieve similar functionality for an ansible-based operator?
TIA
Anup
Brad P. Crochet
Aug 2, 2022, 9:55:08 AM8/2/22
to Anup Chandak, Operator Framework
The Ansible operator uses the same WATCH_NAMESPACE env var. You are correct that WATCH_NAMESPACE does not support regex.
The forms are:
WATCH_NAMESPACE="" - Watch all namespaces
WATCH_NAMESPACE="my-ns" - Watch a specific namespace
WATCH_NAMESPACE="my-first-ns,my-second-ns" - Watch a number of namespaces
This is documented here:
Hope this helps.
Brad
--
You received this message because you are subscribed to the Google Groups "Operator Framework" group.
To unsubscribe from this group and stop receiving emails from it, send an email to operator-framew...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/operator-framework/29a54835-f762-4797-a764-5d77ad72119an%40googlegroups.com.
--
Anup Chandak
Aug 3, 2022, 8:53:58 AM8/3/22
to Operator Framework
Thank you Brad for taking out time to reply.
But any other way to achieve it?
My application is multi-tenant where each tenant gets its own namespace that in turn gets created dynamically at runtime (with a name generated using UUID). For now, the operator is watching all namespaces but then that clashes with my development namespace (yeah, mine is multi-tenant, multi-development environment)
TIA
Anup Chandak
Brad P. Crochet
Aug 3, 2022, 9:21:43 AM8/3/22
to Anup Chandak, Operator Framework
On Wed, Aug 3, 2022 at 8:54 AM Anup Chandak <anupc...@gmail.com> wrote:
Thank you Brad for taking out time to reply.But any other way to achieve it?My application is multi-tenant where each tenant gets its own namespace that in turn gets created dynamically at runtime (with a name generated using UUID). For now, the operator is watching all namespaces but then that clashes with my development namespace (yeah, mine is multi-tenant, multi-development environment)
You could further filter within your operator. You would watch all namespaces, but then only do something when a namespace matches your predetermined pattern. I don't have a concrete example at my fingertips. Let me know if this makes sense or if you need further guidance.
To view this discussion on the web visit https://groups.google.com/d/msgid/operator-framework/7003a6b7-51de-4de0-ad32-22be412196e8n%40googlegroups.com.
Brad P. Crochet
Aug 3, 2022, 9:31:33 AM8/3/22
to Anup Chandak, Operator Framework
On Wed, Aug 3, 2022 at 9:21 AM Brad P. Crochet <br...@redhat.com> wrote:
On Wed, Aug 3, 2022 at 8:54 AM Anup Chandak <anupc...@gmail.com> wrote:Thank you Brad for taking out time to reply.But any other way to achieve it?My application is multi-tenant where each tenant gets its own namespace that in turn gets created dynamically at runtime (with a name generated using UUID). For now, the operator is watching all namespaces but then that clashes with my development namespace (yeah, mine is multi-tenant, multi-development environment)You could further filter within your operator. You would watch all namespaces, but then only do something when a namespace matches your predetermined pattern. I don't have a concrete example at my fingertips. Let me know if this makes sense or if you need further guidance.
Also, upon further reflection, I would suggest adding a label to the namespaces that are created. That would allow you to filter based on that label, rather than any particular name. This should be doable via watches.yaml.
Alex Greene
Aug 3, 2022, 1:25:20 PM8/3/22
to Brad P. Crochet, Anup Chandak, Operator Framework
Hello Anup,
A word of caution. Cluster Admins rely on OperatorGroups to correctly scope an operator to a set of namespaces. Filtering which event's your operator processes based on conditional logic may cause confusion, as:
- The cluster admin has scoped an operator to process events in all namespaces.
- The operator is configured to ignore events in certain namespaces.
Users unfamiliar with your operator may not know that CR's created in certain namespaces are "ignored", it may be beneficial to reflect in the CR's status that it's in an unsupported namespace.
I should note that I've only worked on Go based operators, so I'm not sure if Ansible supports conditional status updates.
Best,
Alex
To view this discussion on the web visit https://groups.google.com/d/msgid/operator-framework/CAD60qnCdtuY4xN47OYLdXuCS4MAeTS453Q%3D3fWeE041CoUOmOA%40mail.gmail.com.
--
Zachary Taylor
Aug 3, 2022, 1:39:27 PM8/3/22
to Alex Greene, Brad P. Crochet, Anup Chandak, Operator Framework
You could use MultiNamespace OperatorGroups. I'm sure no one has mentioned it on this thread because it will probably be deprecated (at least what the docs says). If you have an OperatorGroup that uses a namespace selector, then OLM will set the watch_namespaces env vars to the list of namespaces found by the selector. Alternatively you can just list all the namespaces in the OperatorGroup. The other point of this solution is that it's not supported via a UI install method.
You can see an operator group that uses a namespace selector here: https://docs.openshift.com/container-platform/4.8/operators/understanding/olm/olm-understanding-operatorgroups.html#olm-operatorgroups-target-namespace_olm-understanding-operatorgroups
You can see an operator group that uses a namespace selector here: https://docs.openshift.com/container-platform/4.8/operators/understanding/olm/olm-understanding-operatorgroups.html#olm-operatorgroups-target-namespace_olm-understanding-operatorgroups
To view this discussion on the web visit https://groups.google.com/d/msgid/operator-framework/CAOuJmZYK-TcRFQWpD388npwGMup8QFxW%2BwG4%2Bs2J9nuKwqRJfA%40mail.gmail.com.
Zachary C. Taylor
zach...@gmail.com
910.574.1489
"It comes from saying no to 1,000 things to make sure we don't get on the wrong track or try to do too much." - Steve Jobs
zach...@gmail.com
910.574.1489
"It comes from saying no to 1,000 things to make sure we don't get on the wrong track or try to do too much." - Steve Jobs
Anup Chandak
Aug 5, 2022, 4:58:22 AM8/5/22
to Operator Framework
Hello Brad / Alex / Zachary
Thank you so much for your responses. Thanks!
Just to keep you posted...
@Alex - My operator is for direct consumption of end clients. It is invoked by other components for setting up applications. So I am able to make things work with the solution as suggested by @Brad.
@Zachary - Again, I am not using OLM to manage my operator. I have Helm chart for management as required by the solution. And as you pointed out that OperatorGroups will probably be deprecated so decided not to explore that path. :)
Once again. Thanks to all of you! Cheers!!
-Anup Chandak
Anup Chandak
Aug 9, 2022, 10:04:33 PM8/9/22
to Operator Framework
Hello Team
As suggested and mentioned earlier, I have configured a `selector` of CR in the `watches.yaml` file.
All works well for some time but then somewhere operator starts to cross-observe ignoring selector labels.
Any idea what could be wrong?
TIA
Anup
Reply all
Reply to author
Forward
0 new messages