
Support retaining or protecting resources of certain kinds in components

Open AaronFriel opened this issue 1 year ago • 1 comments

Hello!

  • Vote on this issue by adding a 👍 reaction
  • If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)

Issue details

Certain resources behave "catastrophically" when deleted, which can occur inadvertently during a replace operation. When a namespace or a CRD is deleted, all of the resources that depend on it are deleted. This cascading delete can result in downtime or outages and leaves the Pulumi stack's state inconsistent with the cluster.

For example, suppose I have a project with these resources deployed via Pulumi:

namespace-scoped resources
└── Namespace foo
    └── Deployment foo-ns/bar

cluster-scoped resources:
├── CustomResourceDefinition Quux
└── CustomResource Quux:Thwomp

If the foo namespace is replaced, the foo/bar resource is destroyed. Likewise, if the Quux CRD is replaced, the Thwomp resource is destroyed. This won't be detected until a pulumi refresh occurs, and the deployment will likely be inconsistent, resulting in one of three outcomes:

  • the Pulumi program does not modify any dependent resources, resulting in those being deleted and not recreated
  • the Pulumi engine attempts to update the resources after the Kubernetes API server deletes them, resulting in an error
  • the Pulumi engine races the API server and creates or updates dependent resources before the Kubernetes API server deletes them

In all of these situations, I would like to mark the respective resources with resource options like Protect or RetainOnDelete, to ensure that a cascading deletion out of band from the Pulumi engine cannot occur.

Affected area/feature

Component resources like:

  • helm/v2.Chart
  • yaml.*
  • kustomize.*

AaronFriel, Mar 13 '24 17:03

In support of this idea, I observe that the Helm tool doesn't delete CRDs (docs).

Two workarounds worth mentioning:

  1. Write a transform function to add RetainOnDelete option to child resources (see example and this blog post for some hints).
  2. If using the Chart v4 resource, add the helm.sh/resource-policy: keep annotation to any object that you want preserved.

EronWright, Jul 18 '24 21:07
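
A sketch of the first workaround above, added here as an example and not taken from the thread or from pulumi-kubernetes: a transformation that sets `retainOnDelete` only on the two kinds the issue names (Namespace and CustomResourceDefinition). The interfaces are local stand-ins for the fields of Pulumi's transformation arguments that the function reads, and the names `retainCascadingKinds`, `isCascadingKind` and `CASCADING_KINDS` are hypothetical.

```typescript
// Added example. Local structural stand-ins (assumptions) for the parts of
// Pulumi's transformation args and resource options that are used below.
interface Opts { retainOnDelete?: boolean; protect?: boolean }
interface TransformArgs {
  type: string;                     // Pulumi type token, e.g. "kubernetes:core/v1:Namespace"
  name: string;
  props: Record<string, unknown>;
  opts: Opts;
}
interface TransformResult { props: Record<string, unknown>; opts: Opts }

// Kinds whose deletion cascades to dependent resources (the two from the issue).
const CASCADING_KINDS = ["Namespace", "CustomResourceDefinition"];

// True for a Kubernetes provider type token whose kind is in CASCADING_KINDS.
// Matching on the last token segment covers any API version of the kind.
function isCascadingKind(type: string): boolean {
  if (!type.startsWith("kubernetes:")) return false;
  const kind = type.split(":").pop();
  return kind !== undefined && CASCADING_KINDS.includes(kind);
}

// Transformation: keep every existing option and add retainOnDelete for
// cascading kinds. Returning undefined leaves all other children untouched,
// so Deployments, custom resources and so on are still deleted normally.
function retainCascadingKinds(args: TransformArgs): TransformResult | undefined {
  if (!isCascadingKind(args.type)) return undefined;
  return { props: args.props, opts: { ...args.opts, retainOnDelete: true } };
}

// Constructed sample children of a component, mirroring the issue's example.
const sampleChildren: TransformArgs[] = [
  { type: "kubernetes:core/v1:Namespace", name: "foo", props: {}, opts: {} },
  { type: "kubernetes:apps/v1:Deployment", name: "bar", props: {}, opts: {} },
  { type: "kubernetes:apiextensions.k8s.io/v1:CustomResourceDefinition",
    name: "quux", props: {}, opts: { protect: true } },
];

// Names of the sample children that would be retained on delete.
function retainedNames(children: TransformArgs[]): string[] {
  return children
    .filter((c) => retainCascadingKinds(c)?.opts.retainOnDelete === true)
    .map((c) => c.name);
}

console.log(retainedNames(sampleChildren)); // [ 'foo', 'quux' ]
```

In a Pulumi program the function would be supplied through the component's `transformations` resource option so that it runs for each child resource the component registers.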