Open alaypatel07 opened 3 years ago
One big problem with this, at least on the backup side, is that Velero has its own API for deleting backups to deal with the S3 cleanup. Simply deleting the CR (as would happen with owner references) would bypass this. Also, I don't know that we necessarily want to delete velero CRs when the migmigration is deleted. Normally velero backups will be automatically deleted after 30 days anyway.
The following questions could potentially block the addition of owner ref:
- Does the deletion of kube velero resource like backup delete the remote s3 bucket data? If so, automatic garbage collection would wipe out the data and is a no go. I think that this is not the case but would be good to verify.
- Velero creates the backup resources based on presence of backups in the BSL, is there a possibility of race, where kube GC delete the resources and velero keeps creating them from BSL?
@alaypatel07 if you delete a Velero backup
, the data persists in the S3 bucket and the backup
CR will be recreated on next sync. Deleting a backup
in this way doesn't work. You can run deletion of a backup from k8s API with a deletebackuprequest
, a separate CR which to my knowledge is not used anywhere in our codebase.
DeleteBackupRequest CR https://github.com/vmware-tanzu/velero/blob/f42c63af1b9af445e38f78a7256b1c48ef79c10e/config/crd/bases/velero.io_deletebackuprequests.yaml
Velero Backup Sync Controller https://github.com/vmware-tanzu/velero/blob/f42c63af1b9af445e38f78a7256b1c48ef79c10e/pkg/controller/backup_sync_controller.go
The velero resources(backup, restore and bsl) created by mig-controller does not have owner references. Is there any specific reason why we dont want those owner references?
Semantically it makes sense for us to use an owner reference since our controller creates and manages those resources.
The following questions could potentially block the addition of owner ref:
TLDR: We might want to add automatic garbage collections so deletion of higher-level resource like migmigration does not leak data in kube velero objects, but we need to be careful and needs a wider team discussion