Add Better Provider GC Support (#24)

Obviously nothing is done yet, but we can better spot orphans when using a UID. Also sneak in a fix for cluster provisioning.
unikorn-cloud · Mar 13, 2024 · f7d62f5 · f7d62f5
1 parent bd8920b
commit f7d62f5
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 10 deletions.
diff --git a/pkg/providers/openstack/provider.go b/pkg/providers/openstack/provider.go
@@ -309,26 +309,34 @@ const (
 	ProjectIDAnnotation = "openstack.unikorn-cloud.org/project-id"
 
 	// Projects are randomly named to avoid clashes, so we need to add some tags
-	// in order to be able to reason about who they really belong to.
+	// in order to be able to reason about who they really belong to.  It is also
+	// useful to have these in place so we can spot orphaned resources and garbage
+	// collect them.
 	OrganizationTag = "organization"
 	ProjectTag      = "project"
 	ClusterTag      = "cluster"
+	ClusterUUIDTag  = "clusterUUID"
 )
 
-// provisionProject creates a project per-cluster.  Cluster API provider Openstack is
-// somewhat broken in that networks can alias and cause all kinds of disasters, so it's
-// safest to have one cluster in one project so it has its own namespace.
-func (p *Provider) provisionProject(ctx context.Context, identityService *IdentityClient, cluster *unikornv1.KubernetesCluster) (*projects.Project, error) {
-	name := "unikorn-" + rand.String(8)
-
-	// Set some tags so we can audit who owns this projects.
+// projectTags defines how to tag projects.
+func projectTags(cluster *unikornv1.KubernetesCluster) []string {
 	tags := []string{
 		OrganizationTag + "=" + cluster.Labels[constants.OrganizationLabel],
 		ProjectTag + "=" + cluster.Labels[constants.ProjectLabel],
 		ClusterTag + "=" + cluster.Name,
+		ClusterUUIDTag + "=" + string(cluster.UID),
 	}
 
-	project, err := identityService.CreateProject(ctx, p.domainID, name, tags)
+	return tags
+}
+
+// provisionProject creates a project per-cluster.  Cluster API provider Openstack is
+// somewhat broken in that networks can alias and cause all kinds of disasters, so it's
+// safest to have one cluster in one project so it has its own namespace.
+func (p *Provider) provisionProject(ctx context.Context, identityService *IdentityClient, cluster *unikornv1.KubernetesCluster) (*projects.Project, error) {
+	name := "unikorn-" + rand.String(8)
+
+	project, err := identityService.CreateProject(ctx, p.domainID, name, projectTags(cluster))
 	if err != nil {
 		return nil, err
 	}

diff --git a/pkg/provisioners/helmapplications/clusteropenstack/provisioner.go b/pkg/provisioners/helmapplications/clusteropenstack/provisioner.go
@@ -241,7 +241,7 @@ func (p *Provisioner) Values(ctx context.Context, version *string) (interface{},
 			},
 			"serverMetadata": serverMetadata,
 		},
-		"clusterManager": map[string]interface{}{
+		"controlPlane": map[string]interface{}{
 			"replicas": *cluster.Spec.ControlPlane.Replicas,
 			"machine":  p.generateMachineHelmValues(&cluster.Spec.ControlPlane.MachineGeneric, nil),
 		},