azure-service-operator
azure-service-operator copied to clipboard
Azure
Import stable versions of preview resources
Describe the current behavior
We have a small number of resources where the latest available API version we support is a preview version despite there being multiple later stable releases.
Some users are hesitant to use preview versions and would prefer to use stable API versions only.
Describe the improvement
Check each resource where the latest version we support is a preview and identify stable versions we should have on our backlog.
Groups to update
- [x] Authorization
- [x] ContainerService - @theunrepentantgeek
- [x] DBforPostgreSQL
- [ ] Insights
- [x] KeyVault
- [x] ManagedIdentity
- [ ] ServiceBus
- [x] Storage - @matthchr
A preliminary scan of currently supported resources identifies the following:
| Group | Resource | ASO Latest | Later ARM Stable |
|---|---|---|---|
| Authorization | RoleAssignment | 2020-08-01-preview | 2022-04-01 |
| ContainerService | ManagedCluster | 2023-02-02-preview | 2023-05-01 |
| ManagedClustersAgentPool | 2023-02-02-preview | 2023-05-01 | |
| TrustedAccessRoleBinding | 2023-02-02-preview | 2023-05-01 | |
| DBforPostgreSQL | FlexibleServer | 2022-01-20-preview | 2022-12-01 |
| FlexibleServersConfiguration | 2022-01-20-preview | 2022-12-01 | |
| FlexibleServersDatabase | 2022-01-20-preview | 2022-12-01 | |
| FlexibleServersFirewallRule | 2022-01-20-preview | 2022-12-01 | |
| Insights | Webtest | 2018-05-01-preview | 2022-06-15 |
| KeyVault | Vault | 2021-04-01-preview | 2022-07-01 |
| ManagedIdentity | FederatedIdentityCredential | 2022-01-31-preview | 2023-01-31 |
| ServiceBus | Namespace | 2022-10-01-preview | - |
| NamespacesAuthorizationRule | 2022-10-01-preview | - | |
| NamespacesQueue | 2022-10-01-preview | - | |
| NamespacesTopic | 2022-10-01-preview | - | |
| NamespacesTopicsSubscription | 2022-10-01-preview | - | |
| NamespacesTopicsSubscriptionsRule | 2022-10-01-preview | - |
FWIW - With all the work we're doing around ManagedCluster* in the immediate future - I'd vote to have the latest versions for both preview and stable. We also would like to support both preview and stable API scenarios. See https://github.com/kubernetes-sigs/cluster-api-provider-azure/issues/2625#issuecomment-1557652425
I'm not sure that supporting both preview and stable versions of ManagedCluster every month is viable for Azure Service Operator. Unlike ARM, there's a runtime resource cost per version of a custom resource definition, regardless of whether the user has any resource instances of a particular version.
According to a blog entry from Upbound (the authors of Crossplane):
In our experiments we found that the API server uses a little over 4MiB of physical (Resident Set Size, or RSS) memory per CRD.
To put this in context, we currently have 6 resources within the containerservice group. Adding both preview and stable versions of the resources each month, we'd be increaasing the memory requirement of the api-server by ~48MB each month.
We certainly can (and should!) update the versions on a regular basis, but I don't believe we can import every version.
Looks like we need to progress #2687 promptly.
