Skip to content

Latest commit

 

History

History
63 lines (47 loc) · 2.45 KB

3.1-AccountPool.md

File metadata and controls

63 lines (47 loc) · 2.45 KB

3.1 AccountPool

3.1.1 AccountPool CR

The AccountPool CR holds information about the available number of accounts that can be claimed for cluster provisioning.

apiVersion: aws.managed.openshift.io/v1alpha1
kind: AccountPool
metadata:
  name: example-accountpool
  namespace: aws-account-operator
spec:
  poolSize: 50

3.1.2 AccountPool Controller

The AccountPool controller is triggered by a create or change operation to an AccountPool CR or an Account CR. It is responsible for filling the AccountPool by generating new Account CRs.

The controller looks at the desired AccountPool CR spec.poolSize and it ensures that the number of unclaimed accounts matches the number of the defined poolsize. If the number of unclaimed accounts is less than the poolsize it creates a new Account CR for the Account controller to process.

We also generate metrics as part of the pool status on available pool size so that we can act to increase the AWS limit for accounts or act to reset accounts before a customer tells us that we're out of accounts.

Constants and Globals

emailID = "osd-creds-mgmt"

Status

Updates accountPool CR

  claimedAccounts: 4
  poolSize: 3
  unclaimedAccounts: 3
  availableAccounts: 5
  accountsProgressing: 2
  awsLimitDelta: 1
  • claimedAccounts are any accounts with the status.Claimed=true.
  • unclaimedAccounts are any accounts with status.Claimed=false and status.State!="Failed".
  • poolSize is the poolsize from the AccountPool spec.
  • availableAccounts is the amount of accounts that have NEVER been claimed AND are READY to be claimed. This does NOT include Ready reused accounts. This differs from UnclaimedAccounts who similarly have never been claimed but includes all non-failed states.
  • accountsProgressing shows the approximate value of the number of accounts that are somewhere in the creation workflow but have not finished. (Creating, Pending Verification, or Initializing Regions)
  • awsLimitDelta shows the approximate difference between the number of AWS accounts currently created and the limit set in the configmap. This will generally be the same across all individual hive shards in an environment.

Metrics

Updated in the AccountPool controller:

MetricTotalAccountCRs
MetricTotalAccountCRsUnclaimed
MetricTotalAccountCRsClaimed
MetricTotalAccountPendingVerification
MetricTotalAccountCRsFailed
MetricTotalAccountCRsReady
MetricTotalAccountClaimCRs