API changes for Cascading deletion by caesarxuchao · Pull Request #23928 · kubernetes/kubernetes

caesarxuchao · 2016-04-06T18:14:52Z

This PR includes the necessary API changes to implement cascading deletion with finalizers as proposed is in #23656. Comments are welcome.

@lavalamp @derekwaynecarr @bgrant0607 @rata @hongchaodeng

rata · 2016-04-07T15:15:56Z

pkg/api/v1/types.go

s/entry/entries?

rata · 2016-04-07T15:21:23Z

@caesarxuchao I'm new to kubernetes, but I've read the log on all the issues (also in the one you point out in the PR) and seems fine to me.

I'm not sure I follow when will be Finalizers added and how an entry is removed (i.e. when/how does it know the component. Is always a component in OwnerReferences/OrphanReferences that is there?). But it's fine, I don't need to fully understand it now and someone else can look at it :)

caesarxuchao · 2016-04-07T17:04:50Z

Thank you @rata, you may want to take a look at #23656, that's the proposal that describes the details you asked for :)

rata · 2016-04-07T17:24:30Z

@caesarxuchao oh, silly me. I haven't actually seen the document and only the discussion! Now I've read it. It seems fine to me :)

lavalamp · 2016-04-07T19:03:28Z

pkg/api/types.go

We don't need both an orphan setting AND the finalizer list. lemme go over your proposal, we should pick the design.

Additionally, orphan should have a default value that depends on the object and api version-- default false for new objects, false for existing ones.

liggitt · 2016-04-11T02:32:58Z

pkg/api/types.go

Does this mean the API server deletes owned objects on the caller's behalf? If so, need to make sure this doesn't allow escalation (would an update to add an owner reference allow a user to delete an object they wouldn't otherwise be allowed to delete?)

Is cross namespace ownership allowed? I'd like to start with disallowing that…

@liggitt as proposed in #23656, deleting a parent object (e.g., a replicaset) may result in the deletion of a child object (e.g., a pod). I'd imagine If a user has the right to delete a replicaset, he should also has the right to delete a pod, is there any counterexample?

Is cross namespace ownership allowed? I'd like to start with disallowing that…

We'll start with disallowing that. Do you mean I need to explicitly say this in the comment?

@derekwaynecarr: "I wonder if this should be GuardianReferences so it aligns with dependent/guardian relationships. Maybe it's too close to tax season." (135fb5e#commitcomment-17170872)

Here's @bgrant0607's reason for naming it "owner": #23656 (comment)

I think "owner" is more proper term in case of garbage collection.

ReliesOn
DependsOn
LockedBy
KeptAliveBy
ReservedBy
ExistsWhilePresent

Just brainstorming. These names have issues.

If we don't allow cross-namespace references, I think there's a better type to use than ObjectReference.

OrdainedBy
PermittedBy
DeleteWhenAllGone
ChainDeletionOf
GCReferences
GCLockedBy
GCLockReferences

I'm not sure any of these beat OwnerReferences, maybe it'll give someone a good idea.

This is a standard concept in databases: existence dependency:
http://www.cs.sfu.ca/CourseCentral/354/zaiane/material/slides/Chapter2/tsld021.htm
https://www.dlsweb.rmit.edu.au/toolbox/ecommerce/tbn_respak/tbn_e2/html/tbn_e2_devsol/er_model_relnshps.htm#ExistenceDependency

caesarxuchao · 2016-04-20T18:16:40Z

pkg/api/types.go

@derekwaynecarr: "I suspect we will need to require qualified names for both keys and values? How else will we prevent clobbering or allow for extensions?" (135fb5e#commitcomment-17170861)

That's a valid concern. Let's consider what common qualities we should put in the names, maybe a provider field?

I'll switch the meaning of the key and the value, because a map key needs to be unique, while an "explanatory name" doesn't have to be.

bgrant0607 · 2016-04-22T04:33:59Z

pkg/api/v1/types.go

Please don't use ObjectReference. Create a type that contains exactly the fields we plan to use.

Also, we'll want to specify the patch merge key.

caesarxuchao · 2016-04-22T22:15:55Z

@lavalamp it's updated according to comments. PTAL. Thanks.

caesarxuchao · 2016-05-05T17:51:42Z

@eparis The merge-bot keeps removing the LGTM label, could you take a look? Thanks.

eparis · 2016-05-05T17:54:37Z

going to have to kick the bot :-( he did that to another PR this morning!

eparis · 2016-05-05T17:57:12Z

kubernetes-retired/contrib#901

k8s-github-robot · 2016-05-06T02:00:23Z

@k8s-bot test this [submit-queue is verifying that this PR is safe to merge]

k8s-bot · 2016-05-06T02:39:10Z

GCE e2e build/test passed for commit 4562a26.

k8s-github-robot · 2016-05-06T02:46:39Z

Automatic merge from submit-queue

Automatic merge from submit-queue plumb Update resthandler to allow old/new comparisons in admission Rework how updated objects are passed to rest storage Update methods (first pass at #23928 (comment)) * allows centralizing precondition checks (uid and resourceVersion) * allows admission to have the old and new objects on patch/update operations (sets us up for field level authorization, differential quota updates, etc) * allows patch operations to avoid double-GETting the object to apply the patch Overview of important changes: * pkg/api/rest/rest.go * changes `rest.Update` interface to give rest storage an `UpdatedObjectInfo` interface instead of the object directly. To get the updated object, the storage must call `UpdatedObject()`, passing in the current object * pkg/api/rest/update.go * provides a default `UpdatedObjectInfo` impl * passes a copy of the updated object through any provided transforming functions and returns it when asked * builds UID preconditions from the updated object if they can be extracted * pkg/apiserver/resthandler.go * Reworks update and patch operations to give old objects to admission * pkg/registry/generic/registry/store.go * Calls `UpdatedObject()` inside `GuaranteedUpdate` so it can provide the old object Todo: - [x] Update rest.Update interface: * Given the name of the object being updated * To get the updated object data, the rest storage must pass the current object (fetched using the name) to an `UpdatedObject(ctx, oldObject) (newObject, error)` func. This is typically done inside a `GuaranteedUpdate` call. - [x] Add old object to admission attributes interface - [x] Update resthandler Update to move admission into the UpdatedObject() call - [x] Update resthandler Patch to move the patch application and admission into the UpdatedObject() call - [x] Add resttest tests to make sure oldObj is correctly passed to UpdatedObject(), and errors propagate back up Follow-up: * populate oldObject in admission for delete operations? * update quota plugin to use `GetOldObject()` in admission attributes * admission plugin to gate ownerReference modification on delete permission * Decide how to handle preconditions (does that belong in the storage layer or in the resthander layer?)

caesarxuchao assigned lavalamp Apr 6, 2016

caesarxuchao added the sig/api-machinery Categorizes an issue or PR as relevant to SIG API Machinery. label Apr 6, 2016

googlebot added the cla: yes label Apr 6, 2016

k8s-github-robot added kind/api-change Categorizes issue or PR as related to adding, removing, or otherwise changing an API size/M Denotes a PR that changes 30-99 lines, ignoring generated files. release-note-label-needed labels Apr 6, 2016

rata reviewed Apr 7, 2016
View reviewed changes

pkg/api/v1/types.go Outdated

Copy link
Copy Markdown

Member

rata Apr 7, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/entry/entries?

lavalamp reviewed Apr 7, 2016
View reviewed changes

rata mentioned this pull request Apr 11, 2016

Facilitate ConfigMap rollouts / management #22368

Open

liggitt reviewed Apr 11, 2016
View reviewed changes

caesarxuchao mentioned this pull request Apr 11, 2016

[GarbageCollector] Adding a proposal for server-side cascading deletion #23656

Merged

caesarxuchao force-pushed the cascading-deletion-API-changes branch from 62328cc to 359a17f Compare April 11, 2016 18:40

k8s-github-robot added size/S Denotes a PR that changes 10-29 lines, ignoring generated files. and removed size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Apr 11, 2016

caesarxuchao reviewed Apr 20, 2016
View reviewed changes

caesarxuchao changed the title ~~[RFC] API changes for Cascading deletion~~ API changes for Cascading deletion Apr 20, 2016

k8s-github-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Apr 21, 2016

bgrant0607 reviewed Apr 22, 2016
View reviewed changes

caesarxuchao force-pushed the cascading-deletion-API-changes branch from d5feb94 to 93286f0 Compare April 22, 2016 22:12

k8s-github-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Apr 22, 2016

caesarxuchao mentioned this pull request May 4, 2016

hack/verify-codecgen.sh disagrees with hack/udpate-codecgen.sh for testdata #25176

Closed

caesarxuchao force-pushed the cascading-deletion-API-changes branch from 357bbac to 2eacc2c Compare May 5, 2016 00:01