[Feature] Reference the 'extraVolumeMounts' value in the 'aggregator' container spec

Question

[Feature] Reference the 'extraVolumeMounts' value in the 'aggregator' container spec

ravnalexquinn opened this issue 3 months ago · comments

Problem Statement

In the 'cost-model' container there is the option to pass in a productkey secret and mount it, using a combination of the 'extraVolumes' and 'extraVolumeMounts' values. This lets you take advantage of an external secret provider to pass in the productkey.

The aggregator container does not allow referencing of an 'extraVolumeMounts' value, and so when the container starts up it is unable to read the productkey file containing the required string (because it can't be mounted) and produces this error:

Error: initializing: failed to check license: failed to get product key: readObjectStart: expect { or n, but found , error found in #0 byte of ...||..., bigger context ...||...

Solution Description

Update the 'aggregator.containerTemplate' helper function to reference either the existing top-level cost-analyzer.extraVolumeMounts value in the same way as in the 'cost-model' container, or create a new 'cost-analyzer.kubecostAggregator.extraVolumeMounts' value so that users can then mount a secret into the aggregator container.

Alternatives

No response

Additional Context

No response

Troubleshooting

I have read and followed the issue guidelines and this is a feature request only for the Helm chart.
I have searched other issues in this repository and mine is not recorded.

Webb Brown · Answer 1 · Fri Mar 29 2024 05:10:07 GMT+0800 (China Standard Time)

This seems reasonable and is likely pretty quick. @thomasvn any thoughts?

Thomas Nguyen · Answer 2 · Sat Mar 30 2024 00:07:59 GMT+0800 (China Standard Time)

@ravnalexquinn I've quickly drafted what I think would be the solution here: #3292! It still requires some testing and documenting which I will do soon. Let me know what you think!

Kavin · Answer 3 · Thu Apr 04 2024 01:42:57 GMT+0800 (China Standard Time)

@dwbrown2 @thomasvn -- Can this extraVolumes, extraVolumeMounts, extraEnvs be included for CloudCost & Aggregator pods as well?

Previously we had it for federator pod but this is now separated and those references were somehow removed :(

We mainly use these in combination with custom ServiceAccount for WLI in GKE.

Thomas Nguyen · Answer 4 · Thu Apr 04 2024 03:02:13 GMT+0800 (China Standard Time)

@Kavinraja-Ganesan Yep good catch! The PR above will add extraVolumes and extraVolumeMounts to the Aggregator. I'll go ahead and do the same for the CloudCost pod.

Jesse Goodier · Answer 5 · Sat Apr 06 2024 05:15:15 GMT+0800 (China Standard Time)

This will be in 2.2.1! thanks @thomasvn for the great PR!

ravnalexquinn · Answer 6 · Fri Apr 12 2024 19:58:37 GMT+0800 (China Standard Time)

@thomasvn @jessegoodier

I made a comment in the PR here: #3292 (comment)

But duplicating here for visibility.

Hi @thomasvn, thanks for this

Regarding this:
Allows users to add extraVolumes [...] when Aggregator is running as a Statefulset.

Could you explain why the aggregator running as a stateful set is a requirement, please? Preventing the mount values being referenced when aggregator is a container running under the 'cost-analyzer' pod

If there isn't a particular reason, may I request that this if statement
{{- if and .Values.kubecostAggregator.extraVolumeMounts (eq (include "aggregator.deployMethod" .) "statefulset") }}
be amended to
{{- if .Values.kubecostAggregator.extraVolumeMounts }}

So that the aggregator container under the 'cost-analyzer' pod can mount a secret. In my case the secret for the product key.

Also, apologies for not feeding this back earlier, I was away on leave for some time so wasn't watching the post.