Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add connection, permisison check to kubernetes work type #514

Open
kdelee opened this issue Jan 7, 2022 · 0 comments
Open

Add connection, permisison check to kubernetes work type #514

kdelee opened this issue Jan 7, 2022 · 0 comments

Comments

@kdelee
Copy link
Member

kdelee commented Jan 7, 2022

Right now the only way to check if the kubernets cluster/credentials that the kubernetes work type is configured to use are correctly configured/the cluster is reachable is to actually submit work, e.g. launch a pod.

In AWX, which uses the receptor kubernetes work type as the way ContainerGroups connect and launch work on k8s/ocp, this translates to the only way to test a ContainerGroup is to actually launch a job. If we had this type of check, we could implement a "Test Connection" or periodic health check for the ContainerGroup

I'm not sure if the best way is to add options to https://github.com/ansible/receptor/blob/devel/docs/source/k8s.rst#runtime-params and have the kubernetes work type simply do something other than launch a pod (e.g. run equivalent of kubectl auth can-i --list or kubectl cluster-info) that can be called on command to check if the config is good/a work submit ought to work.

Another possible option I can imagine is defining some kind of "kubernetes-peer" like "tcp-peer" https://github.com/ansible/receptor/blob/devel/docs/source/connecting_nodes.rst#connecting-nodes where we specify a named "kubernetes-peer" with specified authmethod like in the kubernetes work type. Then we can "ping" this peer and perhaps that "ping" action will provide the desired "check if I can actually reach this cluster and what permissions I have"

Ideally, I'd like to also know things about the capacity of the k8s/ocp cluster, but that can come as an additional feature request later.

@kdelee kdelee changed the title Add connection, permisison check to kuberenetes work type Add connection, permisison check to kubernetes work type Jan 7, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants