Docs: CRD Enhancements #2344
Docs: CRD Enhancements #2344
Conversation
Signed-off-by: Chris Blum <cblum@ibm.com> (cherry picked from commit 8e40c63) Signed-off-by: rakeshgm <rakeshgm@redhat.com>
| 1. **S3 profile not found** | ||
|
|
||
| - Verify S3 profile name matches RamenConfig | ||
| - Check RamenConfig: | ||
|
|
||
| ```bash | ||
| kubectl get cm ramen-hub-operator-config -n ramen-system -o yaml | ||
| ``` |
There was a problem hiding this comment.
Isn't that supposed to be handled in code with #1641? @ShyamsundarR
|
|
||
| 1. **Configure S3 profiles carefully:** | ||
|
|
||
| - Test S3 connectivity before creating DRClusters |
There was a problem hiding this comment.
That's definitely supposed to be handled in code as part of #2046, among others
| The **DRClusterConfig** custom resource provides cluster-specific | ||
| disaster recovery configuration on managed clusters. It is a | ||
| cluster-scoped resource that exists on each managed cluster (not on | ||
| the hub) and serves two primary purposes: |
There was a problem hiding this comment.
I think the phrasing should be fixed to something else that adds the remark in parenthesis as a separate note perhaps. The way it's now makes it look like the two are mutually exclusive where it's not necessarily implied or understood right away to the reader.
| **Requirements:** | ||
|
|
||
| - Immutable after creation | ||
| - Must be globally unique |
There was a problem hiding this comment.
Missing one (see #1819)
| **Requirements:** | |
| - Immutable after creation | |
| - Must be globally unique | |
| **Requirements:** | |
| - Cannot be left blank | |
| - Immutable after creation | |
| - Must be globally unique |
| #### `clusterID` (string) | ||
|
|
||
| The unique identifier for this cluster, derived from the kube-system | ||
| namespace UID. | ||
|
|
||
| **Source:** OCM ManagedCluster claim value for `id.k8s.io` |
There was a problem hiding this comment.
I'm wondering, post merge of #1854 -- will there still be a need to disclose this information in this manner? @ShyamsundarR
docs/drclusterconfig-crd.md
Outdated
| ### `conditions` ([]metav1.Condition) | ||
|
|
||
| Standard Kubernetes conditions. | ||
|
|
||
| **Condition types:** | ||
|
|
||
| - `Processed` - Configuration has been processed successfully | ||
| - `Reachable` - S3 storage is reachable from this cluster |
docs/drclusterconfig-crd.md
Outdated
| ### S3 Not Reachable | ||
|
|
||
| **Symptom:** `Reachable` condition is `False`. | ||
|
|
||
| **Check:** | ||
|
|
||
| 1. **S3 secret exists:** | ||
|
|
||
| ```bash | ||
| kubectl get secret -n ramen-system | grep s3 | ||
| ``` | ||
|
|
||
| 1. **S3 credentials are correct:** | ||
|
|
||
| ```bash | ||
| kubectl get secret <s3-secret-name> -n ramen-system -o yaml | ||
| ``` | ||
|
|
||
| 1. **Network connectivity to S3:** | ||
|
|
||
| ```bash | ||
| # Test from a pod | ||
| kubectl run -it --rm debug --image=amazon/aws-cli --restart=Never -- \ | ||
| s3 ls --endpoint-url=https://s1.amazonaws.com s3://<bucket-name> | ||
| ``` | ||
|
|
||
| **Solution:** Verify S3 configuration in DRCluster and ensure network | ||
| policies allow S3 access. |
There was a problem hiding this comment.
This will definitely be addressed in code instead of manual troubleshooting steps
docs/drclusterconfig-crd.md
Outdated
| ### ClusterID Mismatch | ||
|
|
||
| **Symptom:** Peer classes not matching across clusters. | ||
|
|
||
| **Check:** | ||
|
|
||
| ```bash | ||
| # Verify clusterID matches kube-system namespace UID | ||
| kubectl get namespace kube-system -o jsonpath='{.metadata.uid}' | ||
| kubectl get drclusterconfig drclusterconfig -o jsonpath='{.spec.clusterID}' | ||
| ``` | ||
|
|
||
| **Solution:** ClusterID should automatically match namespace UID. If not, | ||
| check Ramen operator logs. |
|
|
||
| - When applications are active on this cluster, their PV metadata is stored | ||
| to S3 profiles of all peer clusters | ||
| - When applications failover/relocate TO this cluster, PV metadata is |
There was a problem hiding this comment.
This needs to be re-worded? like secondary cluster instead of this cluster?
There was a problem hiding this comment.
The CRD document talks in terms of singleton and this refers to the cluster in context of this document.
docs/drcluster-crd.md
Outdated
|
|
||
| **Requirements:** | ||
|
|
||
| - Must match an S3 profile name in RamenConfig |
There was a problem hiding this comment.
This is reverse right? The RamenConfig should be updated based on DRCluster's s3Profile.
rakeshgm
force-pushed
the
crd-docs
branch
2 times, most recently
from
8b7cb3d to
0159aad
Compare
Signed-off-by: rakeshgm <rakeshgm@redhat.com>
|
@raaizik , can you review the DRClusterConfig CRD again. (doc is updated) |
Sure. I see only some of my comments have been addressed though |
Signed-off-by: rakeshgm <rakeshgm@redhat.com>
Signed-off-by: rakeshgm <rakeshgm@redhat.com>
|
LGTM |
4 participants
This is based on the PR #2332 . This includes