Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

make teardown always remove istio-system namespace #999

Open
nak3 opened this issue Jun 4, 2021 · 3 comments
Open

make teardown always remove istio-system namespace #999

nak3 opened this issue Jun 4, 2021 · 3 comments

Comments

@nak3
Copy link
Contributor

nak3 commented Jun 4, 2021
edited
Loading

description

Since NAMESPACES env value registers istio-system namespace, make teardown always removes istio-system.

serverless-operator/hack/lib/vars.bash

Lines 42 to 46 in b96019b

# eventing e2e and conformance tests use a container for tracing tests that has hardcoded `istio-system` in it
export ZIPKIN_NAMESPACE="${ZIPKIN_NAMESPACE:-istio-system}"
declare -a NAMESPACES
NAMESPACES=("${SERVERLESS_NAMESPACE}" "${ZIPKIN_NAMESPACE}" "${OPERATORS_NAMESPACE}")

version

HEAD(b96019b)

step to produces

1. Install only operator

DOCKER_REPO_OVERRIDE=quay.io/nak3 make install-operator

2. Run make teardown

DOCKER_REPO_OVERRIDE=quay.io/nak3 make teardown

As you can see the last line, the command deletes istio-system namespace.

$ DOCKER_REPO_OVERRIDE=quay.io/nak3 make teardown
INSTALL_SERVING="false" INSTALL_EVENTING="false" ./hack/install.sh
DEBUG   13:57:46.277 Debug log (set -x) is written to: /tmp/tmp.6nDxXS3cs4/debuglog-install.sh.log
DEBUG   13:57:46.278 Registering error handler: stacktrace
INFO    13:57:46.280 Skipping scaling up, because SCALE_UP is negative.
INFO    13:57:46.281 Create namespaces
SUCCESS 13:57:47.960 Namespaces have been created: serverless istio-system openshift-serverless
INFO    13:57:47.961 Check if CatalogSource is installed
SUCCESS 13:57:48.369 CatalogSource is already installed.
INFO    13:57:48.370 Check if Serverless is installed
configmap/config-logging unchanged
INFO    13:57:54.117 Installing latest version of Serverless...
INFO    13:57:54.119 Install the Serverless Operator: serverless-operator.v1.16.0
subscription.operators.coreos.com/serverless-operator unchanged
INFO    13:57:54.968 Ensure channel and source is set properly
subscription.operators.coreos.com/serverless-operator patched (no change)
INFO    13:57:58.522 Wait for the installplan to be available
DEBUG   13:57:58.523 [[ -z $(find_install_plan serverless-operator.v1.16.0) ]] : Waiting until non-zero (max 900 sec.) done
installplan.operators.coreos.com/install-qgshq patched (no change)
DEBUG   13:58:14.682 [[ $(oc get ClusterServiceVersion serverless-operator.v1.16.0 -n openshift-serverless -o jsonpath='{.status.phase}') != Succeeded ]] : Waiting until non-zero (max 300 sec.) done
SUCCESS 13:58:15.323 Latest version of Serverless is installed: serverless-operator.v1.16.0
knakayam@localhost:~/.go/src/github.com/openshift-knative/serverless-operator (main)$ oc get pod 
No resources found in default namespace.
knakayam@localhost:~/.go/src/github.com/openshift-knative/serverless-operator (main)$  KUBECONFIG=/home/knakayam/dev/ocp4/auth/kubeconfig  DOCKER_REPO_OVERRIDE=quay.io/nak3 make teardown
./hack/teardown.sh
DEBUG   13:58:50.416 Debug log (set -x) is written to: /tmp/tmp.cE0VfcGMKx/debuglog-teardown.sh.log
DEBUG   13:58:50.418 Registering error handler: stacktrace
WARNING 13:58:50.419 😭  Teardown Serverless...
INFO    13:58:53.284 Ensure no knative serving pods running
DEBUG   13:58:53.286 [[ $(oc get pods -n knative-serving --field-selector=status.phase!=Succeeded -o jsonpath='{.items}') != '[]' ]] : Waiting until non-zero (max 600 sec.) done
namespace "knative-serving" deleted
INFO    13:59:00.859 Ensure no ingress pods running
DEBUG   13:59:00.860 [[ $(oc get pods -n knative-serving-ingress --field-selector=status.phase!=Succeeded -o jsonpath='{.items}') != '[]' ]] : Waiting until non-zero (max 600 sec.) done
INFO    13:59:08.597 Ensure no knative eventing or knative kafka pods running
DEBUG   13:59:08.599 [[ $(oc get pods -n knative-eventing --field-selector=status.phase!=Succeeded -o jsonpath='{.items}') != '[]' ]] : Waiting until non-zero (max 600 sec.) done
namespace "knative-eventing" deleted
subscription.operators.coreos.com "serverless-operator" deleted
clusterserviceversion.operators.coreos.com "serverless-operator.v1.16.0" deleted
namespace "openshift-serverless" deleted
SUCCESS 13:59:39.818 Serverless has been uninstalled.
WARNING 13:59:39.819 Teardown tracing
DEBUG   13:59:40.909 [[ $(oc get pods -n istio-system --field-selector=status.phase!=Succeeded -o jsonpath='{.items}') != '[]' ]] : Waiting until non-zero (max 600 sec.) done
SUCCESS 13:59:41.379 Tracing is uninstalled.
INFO    13:59:41.380 Deleting CatalogSource serverless-operator
catalogsource.operators.coreos.com "serverless-operator" deleted
service "serverless-index" deleted
deployment.apps "serverless-index" deleted
configmap "serverless-bundle-sha1sums" deleted
buildconfig.build.openshift.io "serverless-bundle" deleted
INFO    13:59:44.192 Wait for the serverless-operator pod to disappear
DEBUG   13:59:44.194 [[ $(oc get pods -n openshift-serverless | grep -c serverless-operator) -gt 0 ]] : Waiting until non-zero (max 300 sec.) done
SUCCESS 13:59:44.620 CatalogSource deleted
INFO    13:59:44.621 Deleting namespaces
INFO    13:59:45.055 Waiting until there are no pods in serverless to safely remove it...
DEBUG   13:59:45.058 [[ $(oc get pods -n serverless --field-selector=status.phase!=Succeeded -o jsonpath='{.items}') != '[]' ]] : Waiting until non-zero (max 600 sec.) done
namespace "serverless" deleted
INFO    13:59:52.429 Waiting until there are no pods in istio-system to safely remove it...
DEBUG   13:59:52.430 [[ $(oc get pods -n istio-system --field-selector=status.phase!=Succeeded -o jsonpath='{.items}') != '[]' ]] : Waiting until non-zero (max 600 sec.) done
namespace "istio-system" deleted
SUCCESS 13:59:59.593 Namespaces have been deleted.

Although we assumed that this repo was development purpose, removing unexpected namespace is kind of dangerous.
@skonto
Copy link
Contributor

skonto commented Jul 22, 2021

@nak3 do we expect anyone to run make teardown in a non development env?

@nak3
Copy link
Contributor Author

nak3 commented Jul 22, 2021
edited
Loading

Yes, we do. Actually I opened this issue based on a Red Hat engineer's question. He wanted to test the latest (main branch's) serverless-operator version on his demo env, and he wanted to clean up the resources related to the serverless only.

@skonto
Copy link
Contributor

skonto commented Jan 12, 2022
edited
Loading

@nak3 it seems that delete_namespaces

serverless-operator/hack/teardown.sh

Line 13 in bda392e

delete_namespaces "${SYSTEM_NAMESPACES[@]}"
is invoked with SYSTEM_NAMESPACES env var that includes the istio-system namespace

serverless-operator/hack/lib/vars.bash

Line 46 in bda392e

SYSTEM_NAMESPACES=("${ZIPKIN_NAMESPACE}" "${OPERATORS_NAMESPACE}")
because of this req

serverless-operator/hack/lib/vars.bash

Lines 42 to 43 in bda392e

# eventing e2e and conformance tests use a container for tracing tests that has hardcoded `istio-system` in it
export ZIPKIN_NAMESPACE="${ZIPKIN_NAMESPACE:-istio-system}"
.
@devguyio @pierDipi can we remove that default ns and have the zipkin ns defined explicitly so we can avoid the unexpected deletion during teardown?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nak3 @skonto