[RFC] Add Support for File based Service Binding Information #804
Conversation
This RFC suggests to introduce an alternative option for the CF platform to provide Service Binding information to applications.
beyhan
requested review from
a team,
rkoster,
stephanme,
ameowlia and
ChrisMcGowan
and removed request for
a team
beyhan
changed the title
toc/rfc/rfc-draft-add-support-for-file-based-service-binding.md
Outdated
Show resolved
Hide resolved
toc/rfc/rfc-draft-add-support-for-file-based-service-binding.md
Outdated
Show resolved
Hide resolved
| * Higher implementation efforts for the Cloud Controller | ||
|
|
||
|
|
||
| The 2) alternatives offers more than just addressing the issue of this RFC. It suggests an option to evolve the CF platform towards a different service binding specification defined by the Cloud Native community. This means higher implementation efforts for the CF platform and application developers, but possible benefits from the Cloud Native community. This RFC has a light preference for the 2) alternative because of the listed advantages but the feedback of the CF community is wanted here. |
There was a problem hiding this comment.
Some app developers are going to want to make the minimum changes possible, and 1 definitely works there. Other app developers are going to porting an app from k8s, and 2 makes their path onto CF easier. Is it possible to offer both 1 and 2, and have developers pick which environment variable they'll use to find the file?
There was a problem hiding this comment.
My read is that users will be able to pick between using the existing env variable approach, which means zero change for their apps, or they can use the file-based approach which would mean some level of change for their app with either approach. So there is control for the user that doesn't want change.
Both of the implementations above sound like there would be work involved for an app to adopt. Minimally, you're going to need to know to read from a file instead. It's small, but if you've got apps that are not actively being developed, even that may be more work than you're willing to do.
Not sure if it needs to go into this proposal, but I would suggest that we target the common libraries that folks are using to read VCAP_SERVICES, like java-cfenv (I believe there are Python & Node.js libraries also) and get support for both formats, env variable and file, and then it's a lot less relevant how it's implemented. The libraries will smooth things over and possibly even make it so that no code change is required at the app level.
There was a problem hiding this comment.
My read is that users will be able to pick between using the existing env variable approach, which means zero change for their apps, or they can use the file-based approach which would mean some level of change for their app with either approach. So there is control for the user that doesn't want change.
This is correct. @mogul given this clarification do you still see benefits in supporting both options in parallel?
Not sure if it needs to go into this proposal, but I would suggest that we target the common libraries that folks are using to read VCAP_SERVICES, like java-cfenv (I believe there are Python & Node.js libraries also) and get support for both formats, env variable and file, and then it's a lot less relevant how it's implemented. The libraries will smooth things over and possibly even make it so that no code change is required at the app level.
@dmikusa Do you mean here option 1) or both? Most probably both but I wanted to check?
There was a problem hiding this comment.
Both. I think regardless of what we do, we can lean on the libraries to help with smoothing things over for hopefully a lot of users.
There was a problem hiding this comment.
Just to comment on the reason for both options: There is a problem with the length of VCAP and running with existing VCAP + K8s service binding would not simplify to use the libraries to get the variables. So, to run both alternatives in parallel, I would propose to store the variables in both formats in two different files, not only keep the current VCAP in memory. This would solve the existing problem and also prepare for future service bindings.
There was a problem hiding this comment.
Thank you for the votes! I didn't set an end date for the voting but most of the RFC reviewers and the TOC already voted and the winner is clear. That is why, I updated the RFC (88f5fb6) with the winning option. Please review the latest state.
toc/rfc/rfc-draft-add-support-for-file-based-service-binding.md
Outdated
Show resolved
Hide resolved
Co-authored-by: Bret Mogilefsky <[email protected]>
|
|
||
| Cloud Controller should be extended with an App Feature to activate the new file base Service Binding option. If the file-based service binding feature is active the Cloud Controller should generate a Run action, which configures the Service Bindings to be stored as tmpfs file(s) in the application container instead of `VCAP_SERVICES` environment variable. | ||
|
|
||
| Additionally, the suggest limit for the size should be implemented. |
There was a problem hiding this comment.
It would be good to add a section describing how the name and tags OSBAPI fields could be mapped to type and provider service binding fields (if these are not specified by the broker), addressing initial broker compatibility. This could for example be done based on well-known tags like postgres and mysql. This would be in line with the service-specific code that is currently used to populate the DATABASE_URL variable.
There was a problem hiding this comment.
In libcnb for Cloud-Native Buildpacks, we implemented a translation from VCAP_SERVICES to CNB bindings. What we did was this:
- Credentials map was turned into key/value files (i.e. key is the file name, value is the file contents). We did not go into nested maps, so if a key in Credentials had a nested JSON value, then the JSON is written as the contents of the file.
- We used the Label from
VCAP_SERVICESas thetype. - We used the top-level key from the
VCAP_SERVICESmap as theprovider.
I haven't used it myself, but I know people are using it. @loewenstein - How has this mapping worked out in practice?
There was a problem hiding this comment.
We contributed that to libcnb mainly because of the Paketo Dynatrace Buildpack and for that it works - as far as I can tell.
There was a problem hiding this comment.
@loewenstein is buildpacks/libcnb#228 you are referring to? The mentioned mapping above isn't directly visible in the change but most probably I have to dive deeper into it.
There was a problem hiding this comment.
I think there were two or three PRs to arrive at the present implementation. You can see what we have settled on here.
There was a problem hiding this comment.
Looking into the implementation of the CC the top-level key from the VCAP_SERVICES seems to be also the label from the VCAP_SERVICES. The value is taken from the name attribute of the service offering as defined in the OSBAPI spec. I think it make sense to be consistent and have the same mapping as implemented in libcnb and will update the RFC with this if we agree to go with the 2) approach and don't here anything against the suggested mapping.
There was a problem hiding this comment.
I added details about the VCAP_SERVICES -> K8s bindings mapping with 88f5fb6. Please review and provide feedback.
|
|
||
| The App Features API aren’t supported currently in the CF CLI and [app manifest](https://docs.cloudfoundry.org/devguide/deploy-apps/manifest-attributes.html). To make the use of this proposal for CF operators easier this should be addressed. | ||
|
|
||
| ### App Manifest Attributes Proposal |
There was a problem hiding this comment.
Adding app features to the cf app manifest has been requested before for enabling ssh: cloudfoundry/cloud_controller_ng#2996
The proposal should allow to explicitly enable and disable a feature flag (i.e. not just by listing the flag). Otherwise it would be impossible to disable a feature flag because the CF app manifest is not declarative but additive (see https://v3-apidocs.cloudfoundry.org/#apply-a-manifest-to-a-space).
E.g.
applications:
- name: testapp
features:
- file-based-service-bindings: true
or, closer to the app-features v3 API,
applications:
- name: testapp
features:
- name: file-based-service-bindings
enabled: true
There was a problem hiding this comment.
I agree and tried to address this with 0ae1408. Is that OK?
There was a problem hiding this comment.
From concept point of view, it looks ok. But there is one yaml error in the 2nd proposal (see my comment below).
Otherwise we won't be able to disable a app feature via the app manifest.
| applications: | ||
| - name: test-app | ||
| features: | ||
| - file-based-service-bindings |
There was a problem hiding this comment.
"name" is missing before file-based-service-bindings in the alternative proposal:
features:
- name: file-based-service-bindings
enabled: true
There was a problem hiding this comment.
Thanks! Fixed with de5b48f
|
|
||
| The App Features API aren’t supported currently in the CF CLI and [app manifest](https://docs.cloudfoundry.org/devguide/deploy-apps/manifest-attributes.html). To make the use of this proposal for CF operators easier this should be addressed. | ||
|
|
||
| ### App Manifest Attributes Proposal |
There was a problem hiding this comment.
From concept point of view, it looks ok. But there is one yaml error in the 2nd proposal (see my comment below).
| * Higher implementation efforts for the Cloud Controller | ||
|
|
||
|
|
||
| The 2) alternatives offers more than just addressing the issue of this RFC. It suggests an option to evolve the CF platform towards a different service binding specification defined by the Cloud Native community. This means higher implementation efforts for the CF platform and application developers, but possible benefits from the Cloud Native community. This RFC has a light preference for the 2) alternative because of the listed advantages but the feedback of the CF community is wanted here. |
beyhan
force-pushed
the
add-file-based-service-binding-information
branch
from
197d7be to
9cf29a9
Compare
beyhan
force-pushed
the
add-file-based-service-binding-information
branch
from
9cf29a9 to
88f5fb6
Compare
beyhan
requested review from
mogul,
rkoster,
stephanme,
silvestre,
dmikusa,
PlamenDoychev,
loewenstein,
blgm,
UlfFildebrandt and
pivotal-marcela-campo
|
We are starting the FCP with the goal to approve this RFC by next Tuesday 7th of May. |
This RFC suggests to introduce an alternative option for the CF platform to provide Service Binding information to applications.
Preview