Integreatly won't get the version of UPS with WebPush or iOS token support. This means that rather than updating integreatly-1 to have the new version, we have to update integreatly-2 to have the old version. However, integreatly-2 already has a version of the operator with webpush and iostoken variants. Here's how I propose we proceed:
- Go back to older UPS on master of operator (or if there's a feature flag in the latest version, use that)
- Remove all of the controllers and CRDs, apart from the UnifiedPushServer ("installation") one
- Make it a regular "namespace" scoped operator (we've got a custom hybrid scope at the moment because of how we wanted it to work in conjunction with MDC). This will mean that we replace the ClusterRole/ClusterRolebinding with a regular RoleRolebinding also.
Additionally, we have "support" for using AMQ in UPS, and we've got the ability to configure that in the installation CR. We currently never do that though because enmasse causes issues. Unfortunately even without configuring a CR for enmasse support, the fact that the controller watches enmasse resources causes tons of extra logs in the operator, which eventually leads to the pod memory filling up and getting killed. Whatever about the failings of enmasse/enmasse-operator, I think the fact that the unifiedpush-operator knowingly leaks memory like this makes it a bad cloud citizen. I propose the following:
- Don't watch the enmasse resources any longer
- Remove those extra permissions that the operator service account has for watching those resources
- Investigate whether it would be better to go to a new version of the CRD that doesn't have that flag any longer, or just ignore it in the controller
|