Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feature gates #1970

Merged
merged 3 commits into from
Nov 1, 2021
Merged

feature gates #1970

merged 3 commits into from
Nov 1, 2021

Conversation

shaneutt
Copy link
Contributor

@shaneutt shaneutt commented Oct 26, 2021
edited
Loading

What this PR does / why we need it:

This patch documents and enables feature gates for KIC to add tooling which helps to manage the lifecycle of new and/or experimental features for the KIC.

This was meant to solve two problems:

  • strongly communicate the lifecycle and trajectory of features, and give us a path to graduate as well as deprecate while significantly reducing any surprises for end-users
  • provide a safe/isolated way to iteratively develop Gateway support without putting it directly in end-users hands day 1
  • allow Gateway development to start quickly but without being locked in forever if the long term implementation lives partially or wholly elsewhere in time (e.g. operator code)

PR Readiness Checklist:

  • the CHANGELOG.md release notes have been updated

@shaneutt shaneutt self-assigned this Oct 26, 2021
@shaneutt shaneutt temporarily deployed to Configure ci October 26, 2021 21:16 Inactive
@shaneutt shaneutt added this to the Gateway API - Milestone 1 milestone Oct 26, 2021
@shaneutt shaneutt temporarily deployed to Configure ci October 26, 2021 21:27 Inactive
@shaneutt shaneutt temporarily deployed to Configure ci October 27, 2021 19:22 Inactive
@shaneutt shaneutt temporarily deployed to Configure ci October 27, 2021 19:27 Inactive
@shaneutt shaneutt temporarily deployed to Configure ci October 27, 2021 19:29 Inactive
@shaneutt shaneutt temporarily deployed to Configure ci October 27, 2021 19:33 Inactive
@shaneutt shaneutt temporarily deployed to Configure ci October 27, 2021 20:04 Inactive
@Kong Kong deleted a comment from github-actions bot Oct 27, 2021
@shaneutt shaneutt temporarily deployed to Configure ci October 27, 2021 20:12 Inactive
@shaneutt shaneutt marked this pull request as ready for review October 27, 2021 20:17
@shaneutt shaneutt requested a review from a team as a code owner October 27, 2021 20:17
@shaneutt shaneutt enabled auto-merge (rebase) October 27, 2021 20:18
@shaneutt shaneutt temporarily deployed to Configure ci October 27, 2021 20:27 Inactive
@shaneutt
Copy link
Contributor Author

Reporting We should have reporting for these to inform removal decisions. That doesn't strictly need to go in this PR (I'm not familiar with adding new reporting info and unsure how much additional work it is--it doesn't look like we have much anything on internals other than version at this point), but it should be a high-ish priority new feature if we merge this without it.

I was actually thinking about this already this morning before I read this, 080719a includes reporting for all feature gate options.

Existing features and GA handling I don't think we should include (most) existing GA features in this, and think we should remove feature flags once a feature is GA. Upstream indicates that they do remove graduated flags:

https://kubernetes.io/docs/reference/command-line-tools-reference/feature-gates/
A General Availability (GA) feature is also referred to as a stable feature. It means:
The feature is always enabled; you cannot disable it.
The corresponding feature gate is no longer needed.

That suggests that GA removes the actual flag-handling code and only keeps the documentation Status/Since/Until record around. Is that not true in practice? Can you still toggle GA features off?

We'd maybe need some stub code to indicate that it was previously a flag to play nice with validity detection and/or print a "this feature is now GA, you can remove it from the list" log, unless we want to be strict about users removing graduated flags when upgrading.

IMO the KongPlugin/TCPIngress/KongConsumer/etc. controllers should not be listed here at all--they didn't go through this process and were effectively GA immediately on release, so listing them here is a bit confusing, doubly so if they don't actually have feature flags (which, per the above GA rule, they shouldn't).

d3013a4 rips it all out as you suggest. In truth I was aware of upstream and I had intentionally gone slightly against the grain here because I was thinking about a potentially soon future where we would actually deprecate APIs like UDPIngress and TCPIngress since upstream Kubernetes will soon have (Gateway) options for these, but these are always things we can add later and at least right now I particularly want to laser focus on this PR in support of gateways.

KongCredential is particularly confusing, since it more changed shape rather than being removed entirely.

I've since removed that one.

@shaneutt shaneutt requested a review from rainest October 29, 2021 15:52
@shaneutt shaneutt temporarily deployed to Configure ci October 29, 2021 15:56 Inactive
@shaneutt shaneutt temporarily deployed to Configure ci October 29, 2021 16:08 Inactive
@shaneutt shaneutt temporarily deployed to Configure ci October 29, 2021 17:07 Inactive
@shaneutt shaneutt temporarily deployed to Configure ci October 29, 2021 19:31 Inactive
@shaneutt shaneutt temporarily deployed to Configure ci October 29, 2021 19:37 Inactive
@shaneutt shaneutt temporarily deployed to Configure ci October 29, 2021 19:48 Inactive
rainest
rainest previously approved these changes Oct 29, 2021
View reviewed changes
Copy link
Contributor

@rainest rainest left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM with changes. I think the implication is that any other controller feature flag will have the condition be && to require both the gate and controller flag, and there's just no example because all we have now is Knative and Knative is weird.

We're probably stuck with TCP/UDPIngress for quite some time, since upstream isn't the fastest-moving thing--we're probably quite a ways out from being able to deprecate them, since we'd want Gateway APIs in at least beta (the APIs themselves rather than our implementation) and available on major providers--even once APIs reach beta providers may not actually enable them by default (or allow you to enable them at all).

@shaneutt shaneutt requested a review from rainest November 1, 2021 15:11
@shaneutt shaneutt temporarily deployed to Configure ci November 1, 2021 22:14 Inactive
@shaneutt shaneutt temporarily deployed to Configure ci November 1, 2021 22:31 Inactive
@shaneutt shaneutt merged commit 0878452 into main Nov 1, 2021
@shaneutt shaneutt deleted the shaneutt/feature-gates branch November 1, 2021 22:34
mflendrich
mflendrich reviewed Nov 2, 2021
View reviewed changes
FEATURE_GATES.md
Comment on lines +37 to +50
### Feature gates for graduated or deprecated features

{{< table caption="Feature Gates for Graduated or Deprecated Features" >}}

| Feature | Default | Stage | Since | Until |
|----------------------------|---------|------------|-------|-------|

{{< /table >}}

Features that reach GA and over time become stable will be removed from this table, they can be found in the main [KIC CRD Documentation][specs] and [Guides][guides].

[specs]:https://docs.konghq.com/kubernetes-ingress-controller/latest/references/custom-resources/
[guides]:https://docs.konghq.com/kubernetes-ingress-controller/latest/guides/overview/

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

YAGNI - suggestion: delete

internal/manager/controllerdef.go
// knative is a special case because it existed before we added feature gates functionality
// for this controller (only) the existing --enable-controller-knativeingress flag overrides
// any feature gate configuration. See FEATURE_GATES.md for more information.
Enabled: featureGates["Knative"] || c.KnativeIngressEnabled,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think that feature gate names deserve a dedicated enum type, and they definitely deserve consts rather than literal values

internal/manager/feature_gates.go
const featureGatesDocsURL = "https://github.com/Kong/kubernetes-ingress-controller/blob/main/FEATURE_GATES.md"

// setupFeatureGates converts feature gates to controller enablement
func setupFeatureGates(setupLog logr.Logger, c *Config) (map[string]bool, error) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This function could have a simpler and cohesive mental model: take two map[string]bools (rather than c) and have the semantics of "merging two maps key-wise but using the first in case of a conflict".

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mflendrich mflendrich mflendrich left review comments

@rainest rainest rainest approved these changes

Assignees

@shaneutt shaneutt

Labels
area/docs ci/license/changed priority/medium
Projects
None yet
Milestone
Gateway API - Milestone 1
Development

Successfully merging this pull request may close these issues.
3 participants
@shaneutt @rainest @mflendrich