Open resouer opened 3 years ago
package: # the encapsulation of this component. alternative name: module, componentSpec, encapsulation, templateModule, schematic
I vote for package
.
package: # the encapsulation of this component. alternative name: module, componentSpec, encapsulation, templateModule, schematic
I vote for "schematic"
Vote for schematic
Fine, let's use schematic
Below are points that I think are important to address with the current proposal.
More detailed questions and comments.
ComponentDefinition
WorkloadDefinition
Application
TraitDefinition
ApplicationScope
WRT
- Needs to support Component isolation. Different users having access to different Components.
What I really mean is that a ComponentDefinition needs to be namespace qualified. Just adding a namespace appears awkward though as it isn't clear if it applies to the name
or the type
.
apiVersion: core.oam.dev/v1alpha2
kind: Application
...
spec:
components:
- name: my-comp-inst
namespace: my-comp-def-ns
type: my-comp-def
Honestly I've always felt Kubernetes needed standardized single value qualified reference formats (e.g. namespace/name and group/version.kind@namespace/name or similar).
spec:
components:
- name: my-comp-inst
type: my-comp-def-ns/my-comp-def
Hi all, these are our comments on the spec proposal.
Application
it seems that we have a type and name, but at the same time the component has a status
. Is the status
expected to be populated with information about the generic component (e.g., template can be parsed), or will it be containing information about the instances. From the point of view of having a clear picture of what is happening on an application, having some type of ComponentInstance
information is desirable. For example, where will be the information stored in case a particular instance of a component cannot be deployed because of quota, image not being available or any other common error in Kubernetes. Right now, some of this information is not available on the OAM layer.spec.schematic.kube.parameters
, or spec.parameters
). It will seem more natural to consolidate those on a single place (spec.parameters
).status.parameters
generated? If so, how will the runtime be able to determine which are the parameters for a random component? Is there an expectation that the component will provide a schema for that?apiVersion
/Kind
in that use case? Is the runtime expected to track/associate all of the generated resources? will it fail in case of a mismatch with the workload definition?InfrastructureComponent
entity could be discussed.workload.oam.dev/replicable-number-replicas-path
annotation to identify which is the fields of the k8s entity against a patch is going to be generated.appliesToWorkloads
should have the same format (array, list, etc) as in the workload.Versioning
Extra information on user facing entities
Component Security Context
We have submitted a PR for the OAM runtime controller to include security context information on components limiting the information to aspects of the container, not to the underlying orchestration system. We think that this information should also be part of the new OAM proposal at least for the spec.schematic.kube
aspect.
OAM Compliance
With the growth of OAM in the industry we think that the spec should have a clear definition of which are the minimum requirements for an OAM runtime. Before this proposal, our understanding was that the differentiation from one provider to another would be the different workload types and traits that were present, not parts of the spec.
Trait consolidation
Traits are currently implemented as Kubernetes operators that modify the generated resource according to their internal logic. However, this opens up the door for consolidation failure scenarios where two traits may want to modify the same characteristic. For example, image two trait trying to set different number of replicas.
Maybe it is too much of a change for the current proposal/scope, but it will be nice to consider this issue in the future. If traits are applied in order by some mechanism, we feel the system becomes much more robust, even if that requires traits not being operators, but implementing a common gRPC interface to return the altered entity.
Configuration and secrets
This issue is not referenced by the spec, and may not be clear for a new user how this is expected to be supported. One option is to add this type of information as a new entity or include it on the Application
one, while other could be to use a specific Trait
. Either way, the spec should contain information about how to proceed when deploying an application that requires a config map. While many containerized application rely on environment variables to set options, others just use a plain config file on known locations.
@kminder @dhiguero Just updated the spec description based on your inputs, they are valuable!
We will leave some features as Non-Goal for this release, for example:
.schematic
fully extensible. There's no intension to expand this until there're significant requirements to open this as an extension point and conformance design will be needed then. We will focus on the schematic types listed above which are all driven by real user requirements. appliesTo
behavior. This is a highly demanded feature (i.e. applies to characteristics instead of workload def'n name), but we decide won't couple it in this release and tackle it separately in issue https://github.com/oam-dev/spec/issues/392. A similar feature is ConflictsWith
on traits.Speaking of consistency, what about using kind
for all.
apiVersion: core.oam.dev/v1alpha2
kind: Application
metadata:
name: application-sample
spec:
components:
- name: myweb
kind: foo/webservice # ref to ComponentDefinition, optionally, in namespace foo
properties: # parameter values of the component
image: "busybox"
cmd:
- sleep
- "1000"
traits: # assume traits are in oam system namespace for now
- kind: scaler
properties:
replicas: 10
- kind: sidecar
properties:
name: "sidecar-test"
image: "nginx"
Speaking of consistency, what about using
kind
for all.apiVersion: core.oam.dev/v1alpha2 kind: Application metadata: name: application-sample spec: components: - name: myweb kind: foo/webservice # ref to ComponentDefinition, optionally, in namespace foo properties: # parameter values of the component image: "busybox" cmd: - sleep - "1000" traits: # assume traits are in oam system namespace for now - kind: scaler properties: replicas: 10 - kind: sidecar properties: name: "sidecar-test" image: "nginx"
@kminder @dhiguero please check the proposal above and +1/-1 for this.
In spirit I agree with the suggestion above about making the syntax for references to type definitions consistent. However I'm not a fan of using kind
as that has a very specific meaning in Kubernetes. Therefore I make a counter proposal to use type
instead.
apiVersion: core.oam.dev/v1alpha2
kind: Application
metadata:
name: application-sample
spec:
components:
- name: myweb
type: foo/webservice # ref to ComponentDefinition, optionally, in namespace foo
properties: # parameter values of the component
image: "busybox"
cmd:
- sleep
- "1000"
traits: # assume traits are in oam system namespace for now
- type: scaler
properties:
replicas: 10
- type: sidecar
properties:
name: "sidecar-test"
image: "nginx"
I also think that kind
may be confusing due to its kubernetes meaning as the kind
in the second line of the example (kind: Application
) does not accept the same syntax that the proposed one. I think that naming it type
as @kminder suggested is a better option.
Cool, then we confirm using type
. BTW, let's move the API to v1beta1
.
So the final example could be:
apiVersion: core.oam.dev/v1beta1
kind: Application
metadata:
name: application-sample
spec:
components:
- name: myweb
type: foo/webservice # ref to ComponentDefinition, optionally, in namespace foo
properties: # parameter values of the component
image: "busybox"
cmd:
- sleep
- "1000"
traits: # assume traits are in oam system namespace for now
- type: scaler
properties:
replicas: 10
- type: sidecar
properties:
name: "sidecar-test"
image: "nginx"
\cc @resouer @dhiguero @kminder
The comment after namespace is slightly misleading because it gives the impression that foo/webservice is an instance rather than a type.
apiVersion: core.oam.dev/v1alpha3
kind: ComponentDefinition
metadata:
name: webservice
namespace: foo # install this component in namespace foo
Maybe change "install" to "declare".
OAM Spec v0.3.0 Working Draft
Hi all, this is the issue tracker to finalize the design of OAM spec v0.3.0. It reflects the high level ideas of the existing working draft in master branch with considerations on backward compatibility in existing releases.
1. ComponentDefinition
2. WorkloadDefinition
3. Application
4. TraitDefinition
5. ApplicationScope
No change with spec v0.2.1
Open Questions
1. Behavior of traits for revisioned components.
Traits are attached to component instances, and those instances are revisioned. Should we replica the traits then (e.g. ingress vs. {ingress-v1, ingress-v2})?
In previous code, as a workaround, we tagged
TraitDefinition
asrevisionEnabled
to control this behavior, though recently we fallback to assume ALL traits are replicated but have to leaverollout
to a seperate field (since it is across-revisions).