Enable GCP APIs in `sc add-gcp-broker`

googlearchive / k8s-service-catalog

[DEPRECATED] Commandline tool to manage Service Catalog lifecycle and GCP Service Broker atop Kubernetes Cluster

Apache License 2.0

69 stars 31 forks source link

Enable GCP APIs in `sc add-gcp-broker` #131

Closed mihnjong closed 6 years ago

mihnjong commented 6 years ago

As of now, we enable deployment manager API and service broker API in sc add-gcp-broker. We also need to enable other APIs that we support in GCP broker.

The list includes BigQuery, Bigtable, IAM, ML Engine, Pub/Sub, Spanner, SQL, and Storage.

mihnjong commented 6 years ago

Maybe, we need to enable all APIs in parallel in case that it might take too long.

mihnjong commented 6 years ago

And, we actually also need a flag for this feature. "sc add-gcp-broker --enable_apis=false" should not enable APIs except core APIs (which includes DeploymentManager, ServiceBroker, and IAM APIs).

martinmaly commented 6 years ago

what is the rationale for a flag? Is there harm in (presumably idempotently) enabling the API mutliple times?

mihnjong commented 6 years ago

@martinmaly It's for customers' sake. They might hate to enable a dozens of APIs that they do not care.

mihnjong commented 6 years ago

6 APIs need to be added:

gcloud services enable iam.googleapis.com for IAM and all other bindings gcloud services enable bigtableadmin.googleapis.com for Bigtable gcloud services enable cloudkms.googleapis.com for encryption of IAM type. gcloud services enable cloudresourcemanager.googleapis.com for project-level IAM gcloud services enable ml.googleapis.com for ML Engine gcloud services enable spanner.googleapis.com for Spanner gcloud services enable sqladmin.googleapis.com for SQL

maqiuyujoyce commented 6 years ago

So will we disable the APIs for the users when they do uninstall?

mihnjong commented 6 years ago

No. We should not disable any API. Disabling APIs could break customers' running services.

maqiuyujoyce commented 6 years ago

Yeah, but I worried that users may not expect so many enabled APIs after uninstallation.

martinmaly commented 6 years ago

If enabling of the API(s) fails, we need to print a good error message so that users know which APIs were not successfully enabled.

martinmaly commented 6 years ago

Fixed

mihnjong commented 6 years ago

More than 5 mins, sc add-gcp-broker hangs only with the following message:

sc add-gcp-broker
using project:  [[PROJECT ID]]

Since it takes long to enable APIs, it would be better to print the status whenever trying to enable a API.

maqiuyujoyce commented 6 years ago

Maybe make the enabling process run in parallel will help?

mihnjong commented 6 years ago

Let me create a new issue about parallel API enablement.