DFC uninstall flow

[ezio-auditore]

• checks for PVs using ocs storage classes and restricts delete if found
• delete default storageclass claims
• delete storageclient

[bindrad]

@ezio-auditore I don't see a function that will indicate whether the offering is safe to be removed or not. We should have dfcIsReadyToBeRemoved function which will be called in pluginIsReadyToBeRemoved function.

[leelavg]

I don't see a function that will indicate

• good call, seems I need to look at agent code (standalone) before reviewing next PRs 😅

[nb-ohad]

I believe that this will only list PVs from the set of namespaces the operator group allows for it.
We need to list all PVs! for that I believe you can use the Unrestricted Client

[ezio-auditore]

Updated to fetch using UnrestrictedClient

[nb-ohad]

Why do we need to calculate the provisioners name on each loop iteration?

Suggested change

	ocsStorageClass := map[string]bool{}
	for i := range storageClassList.Items {
	storageClass := storageClassList.Items[i]
	if storageClass.Provisioner == r.offering.Namespace+ocsCephFsProvisionerSuffix || storageClass.Provisioner == r.offering.Namespace+ocsRBDProvisionerSuffix {
	ocsStorageClass[storageClass.Name] = true
	}
	}
	ocsStorageClass := map[string]bool{}
	rbdProvisionerName = r.offering.Namespace + ocsRBDProvisionerSuffix
	fsProvisionerName := r.offering.Namespace + ocsCephFsProvisionerSuffix
	for i := range storageClassList.Items {
	storageClass := storageClassList.Items[i]
	if storageClass.Provisioner == rbdProvisionerName || storageClass.Provisioner == fsProvisionerName {
	ocsStorageClass[storageClass.Name] = true
	}
	}

[ezio-auditore]

updated

[bindrad]

Shouldn't we delete non-default storageClassClaims as well that are provisioned by cephfs.csi.ceph.com or rbd.csi.ceph.com?

[nb-ohad]

That is a very good question! @ezio-auditore what do you think?

[ezio-auditore]

What I think
If the user creates his custom storageClassClaim using the the default storageclient spec only then we need to delete those storageClassClaims,else we need to ignore it.

@nb-ohad @bindrad If this sounds ok I will implement the same here.

[bindrad]

default storageclient spec

Are we even allowing customer to create non-default storageClient? Or do we have plans to allow customer to create non-default storageClients?

[nb-ohad]

If the user creates his custom storageClassClaim using the the default storageclient spec

@ezio-auditore that does not make any sense. The reason someone will create another claim is if they want some aspects of the storageclass to be different

[Madhu-1]

@nb-ohad, the ocs-client-operator is already checking for any PV before deleting the SCC. Why do we need to recheck the PV here again?

The question here was about SCC, I think we should just delete the lot of them

You mean list all the SCC, delete them, and wait for them to be deleted before deleting the storage client right?

[Madhu-1]

Do we support Users creating custom storageclass and static provisioning without SCC in managed service?

[bindrad]

Do we support Users creating custom storageclass and static provisioning without SCC in managed service?

On consumer clusters, customer can do anything they want to.

[bindrad]

You mean list all the SCC, delete them, and wait for them to be deleted before deleting the storage client right?

I think we can issue a delete for all SCCs and then issue a delete for storageClient. No need to wait for the removal of all SCCs before deleting storageClient because client-operator won't delete storageClient unless all SCCs are removed.

[nb-ohad]

@Madhu-1 I am aware the ocs-client-operator is already checking for that.
But a k8s delete operation is unrevertable so we check for potential lock conditions, from the operator that owns the lifecycle of the offering (in this case the client operator) before issuing the delete request.

[nb-ohad]

Would this give us enough privileges to read and delete over all namespaces?

[bindrad]

Yes, it gives us enough privileges

[nb-ohad]

Why do we need access to storageclass? Doesn't uninstallation of ocs-client-operator already take care of deletion of storageclassclaims and as a result the attached storageclasses?

[bindrad]

We need access to get, list and watch storageClass to fetch the PVs that are using ocs storageclasses

[nb-ohad]

Is there a reason why we are treating these storageclassclaims differently then ant other storagelcassclaim?

[bindrad]

These are the default storageClassClaims that the agent is creating.

[nb-ohad]

The existence of storageclassclaims or even storageclasses does not infer usage of storage. I am against blocking uninstallation based on that

[nb-ohad]

To prevent a copy operation, please take a reference

Suggested change

	storageClass := storageClassList.Items[i]
	storageClass := &storageClassList.Items[i]

[nb-ohad]

The ocsRBDProvisionerSuffix and ocsCephFsProvisionerSuffix are only used once here. Can we just embed the values?

[nb-ohad]

I believe we had an r.UnrestrictedList(pvList) operation.

[nb-ohad]

Suggested change

	ocsStorageClass := map[string]bool{}
	ocsStorageClasses := map[string]bool{}

[nb-ohad]

It does not make sense to have logic/logging of messages base on the result of this func inside the func itself.
Let's have this function be countOCSVolumes which returns a number and handles the decision-making process outside.

[nb-ohad]

Can we just create the unrestricted client once and rescue it in all controllers?

[ezio-auditore]

closing since another PR #63 already addressing this