search

openshift-online / maestro

Maestro Service Repo
Apache License 2.0
8 stars 15 forks source link

refactor maestro agent flags. #112

Closed morvencao closed 2 weeks ago

morvencao commented 3 weeks ago

Refactor maestro agent flags:

  1. Enable manifest & manifestbundle codec for maestro agent.
  2. Disable leader election by default, but can be enabled explicitly by flags when running agent in multiple instances.
markturansky commented 3 weeks ago

i'd advise against election leader and instead use the advisory locks provided by postgres.

morvencao commented 3 weeks ago

Did some testing with new agent:

  1. No permission(RBAC) issue.
  2. DisableLeaderElection flags works.
  3. MaxJSONRawLength works.

/cc @clyang82 @skeeey

clyang82 commented 3 weeks ago

how about standalone maestro agent, does it work?

morvencao commented 3 weeks ago

@clyang82 maestro-agent can run as standalone:

# go run ./cmd/maestro/main.go agent --kubeconfig=/tmp/kubeconfig  --workload-source-config=/tmp/config.yaml --workload-source-driver=mqtt --cloudevents-client-id=cluster1-agent --consumer-name=cluster1
W0607 08:08:33.125558  385318 cmd.go:245] Using insecure, self-signed certificates
I0607 08:08:33.544479  385318 observer_polling.go:159] Starting file observer
W0607 08:08:33.545032  385318 builder.go:260] unable to identify the current namespace for events: open /var/run/secrets/kubernetes.io/serviceaccount/namespace: no such file or directory
W0607 08:08:33.554245  385318 builder.go:267] unable to get owner reference (falling back to namespace): pods "test" not found
I0607 08:08:33.554465  385318 builder.go:299] maestro-agent version v0.0.0-master+$Format:%H$-$Format:%H$
I0607 08:08:34.038681  385318 secure_serving.go:57] Forcing use of http/1.1 only
W0607 08:08:34.038755  385318 secure_serving.go:69] Use of insecure cipher 'TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256' detected.
W0607 08:08:34.038763  385318 secure_serving.go:69] Use of insecure cipher 'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256' detected.
I0607 08:08:34.042255  385318 factory.go:58] Executor caches enabled: false
{"level":"info","ts":1717747714.0423555,"logger":"fallback","caller":"v2@v2.0.0-20231030012137-0836a524e995/protocol.go:124","msg":"subscribing to topics: map[sources/maestro/consumers/cluster/sourceevents:{1 0 false false}]"}
I0607 08:08:34.043134  385318 requestheader_controller.go:169] Starting RequestHeaderAuthRequestController
I0607 08:08:34.043191  385318 shared_informer.go:311] Waiting for caches to sync for RequestHeaderAuthRequestController
I0607 08:08:34.043207  385318 configmap_cafile_content.go:202] "Starting controller" name="client-ca::kube-system::extension-apiserver-authentication::client-ca-file"
I0607 08:08:34.043255  385318 configmap_cafile_content.go:202] "Starting controller" name="client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file"
I0607 08:08:34.043282  385318 shared_informer.go:311] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::client-ca-file
I0607 08:08:34.043309  385318 shared_informer.go:311] Waiting for caches to sync for client-ca::kube-system::extension-apiserver-authentication::requestheader-client-ca-file
I0607 08:08:34.043818  385318 dynamic_serving_content.go:132] "Starting controller" name="serving-cert::/tmp/serving-cert-491928347/tls.crt::/tmp/serving-cert-491928347/tls.key"
W0607 08:08:34.044270  385318 agentoptions.go:63] the agent broadcast topic not set, fall back to the agent events topic
I0607 08:08:34.044494  385318 base_controller.go:67] Waiting for caches to sync for AvailableStatusController
I0607 08:08:34.044524  385318 base_controller.go:67] Waiting for caches to sync for AppliedManifestWorkFinalizer
I0607 08:08:34.044554  385318 base_controller.go:67] Waiting for caches to sync for ManifestWorkAddFinalizerController
I0607 08:08:34.044617  385318 base_controller.go:67] Waiting for caches to sync for AppliedManifestWorkController
I0607 08:08:34.044639  385318 base_controller.go:67] Waiting for caches to sync for ManifestWorkAgent
I0607 08:08:34.044655  385318 base_controller.go:67] Waiting for caches to sync for UnManagedAppliedManifestWork
I0607 08:08:34.044671  385318 base_controller.go:67] Waiting for caches to sync for ManifestWorkFinalizer
I0607 08:08:34.044811  385318 secure_serving.go:213] Serving securely on [::]:8443
I0607 08:08:34.044865  385318 tlsconfig.go:240] "Starting DynamicServingCertificateController"
W0607 08:08:34.045282  385318 agentoptions.go:63] the agent broadcast topic not set, fall back to the agent events topic
...
clyang82 commented 2 weeks ago

/ok-to-test