1729308 – ClusterVersion api does not make it clear it should not be edited

Bug 1729308 - ClusterVersion api does not make it clear it should not be edited

Summary: ClusterVersion api does not make it clear it should not be edited

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	OpenShift Container Platform
Classification:	Red Hat
Component:	Installer
Sub Component:
Version:	4.2.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	low
Target Milestone:	---
Target Release:	4.2.0
Assignee:	Abhinav Dahiya
QA Contact:	Johnny Liu
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2019-07-11 21:46 UTC by Ben Parees
Modified:	2019-08-14 01:39 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2019-08-14 01:39:14 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Description Ben Parees 2019-07-11 21:46:22 UTC

Our docs say:

In OpenShift Container Platform 4.1, you must not customize the ClusterVersion resource for production clusters. Instead, follow the process to update a cluster.

but the api docs itself just say:


   spec	<Object> -required-
     spec is the desired state of the cluster version - the operator will work
     to ensure that the desired version is applied to the cluster.


Which can lead to admins trying to edit this themselves and getting in trouble. The api docs should make it clear this should not be edited by hand.

Comment 1 Abhinav Dahiya 2019-07-11 21:58:08 UTC

The spec is editable by human, cli, automatic upgrade controller (_when that exists_). So I don't think there is value in specifying that the spec "should not be edited by hand".

Comment 2 Ben Parees 2019-07-11 23:20:51 UTC

how about "should not be edited directly"?

I assume the idea here is that we don't want people putting in values that point to untested upgrade paths.

Alternatively if the docs are totally off-base (ie it is fine for someone to oc edit clusterversion and we are endorsing doing so), please submit a PR to change the docs and use that to close this bug.

Comment 3 Abhinav Dahiya 2019-07-11 23:50:47 UTC

> In OpenShift Container Platform 4.1, you must not customize the ClusterVersion resource for production clusters. Instead, follow the process to update a cluster.


where in docs is that recommendation? Can you provide the link.

And the api docs don't need to match with best-practices, personally that doesn't seem like the best co-relation...

Comment 4 Ben Parees 2019-07-12 02:50:06 UTC

> where in docs is that recommendation? Can you provide the link.

https://docs.openshift.com/container-platform/4.1/installing/install_config/customizations.html#configuration-resources_customizations

though I do have a pull open that's affecting that file, so if you have new wording you can tell me here and i will update my PR to include it.

https://github.com/openshift/openshift-docs/pull/15806

> And the api docs don't need to match with best-practices, personally that doesn't seem like the best co-relation...

Not necessarily, but the api docs should steer users away from actions that could allow them to brick their cluster.

Comment 5 Ben Parees 2019-08-13 20:16:21 UTC

Abhinav, what additional info do you need from me?  Comment 4 was my attempt to address your previous info request.  (My docs PR has since merged, but of course those changes aren't reflected in the 4.1 docs, only in master)

Comment 6 Abhinav Dahiya 2019-08-13 20:23:55 UTC

https://github.com/openshift/openshift-docs/pull/15905 merged the changes to master. should end up in 4.2 docs.

Comment 7 Ben Parees 2019-08-13 20:26:18 UTC

Not sure why you assigned this back to me?

Comment 8 Ben Parees 2019-08-13 20:29:32 UTC

(The bug is/was that the clusterversion api doc doesn't make it clear the field should not be directly edited by a user.  The product doc is ok.  Has the api doc been updated?)

Comment 10 Ben Parees 2019-08-13 20:47:01 UTC

i don't think this is resolved and i don't want to lose track of it until we resolve the api doc discussion.  reopening and reassigning.

Comment 11 Abhinav Dahiya 2019-08-13 21:48:49 UTC

> The bug is/was that the clusterversion api doc doesn't make it clear the field should not be directly edited by a user.

And I think I was pretty clear that the API doc correctly mentions that the fields can be changed. Endorsements of safety based on who edits that field should not be part of the API doc.

Comment 12 Ben Parees 2019-08-13 22:03:04 UTC

I don't think you were, since you did not address my statement of:
the api docs should steer users away from actions that could allow them to brick their cluster.

And we have made these changes to other apis.  We are directing users to use "oc explain" to understand how to manage their cluster.  If oc explain does not make it clear how they can/cannot use those fields, then that is a problem.

Just stating that the fact that a field can be changed is not sufficient documentation of how that field should be used, when changing that field can break your cluster or put it in an unsupported state.

Comment 13 Abhinav Dahiya 2019-08-13 22:22:44 UTC

We have already made it pretty clear that setting this value to anything other than the ones in the Available updates might cause the upgrade to fail
https://github.com/openshift/api/blob/b5570061b31fed3b06c24077c534b1a1bf7ecf8b/config/v1/types_cluster_version.go#L40-L43

We already do not upgrade to a release-image that's not trusted. https://github.com/openshift/api/blob/b5570061b31fed3b06c24077c534b1a1bf7ecf8b/config/v1/types_cluster_version.go#L209-L218


Therefore, there are enough checks to make sure that the field to editable by all, and would require user consent to brick their cluster.

Note You need to log in before you can comment on or make changes to this bug.