Move control-loop rom principle to glossary for now #31
Conversation
Signed-off-by: Dan Garfield <[email protected]>
Signed-off-by: Dan Garfield <[email protected]>
Signed-off-by: Dan Garfield <[email protected]>
todaywasawesome
force-pushed
the
closed-loop
branch
from
1f27117 to
f3dea2c
Compare
PRINCIPLES.md
Outdated
|
|
||
| 5. **Applied in a Closed Loop** | ||
|
|
||
| Software agents follow control theory and depend on [feedback](./GLOSSARY.md#feedback) about the actual state and the attempts at reconcilliation in order to reduce deviation over time. |
There was a problem hiding this comment.
- I like linking to the glossary defintion of feedback that specifies its place in control theory. But then don't need to mention control theory again here in the principle.
- I think it's important to keep the note we had, that the agents follow rules about what to do with the feedback they receive from the system (including past attempts)
| Software agents follow control theory and depend on [feedback](./GLOSSARY.md#feedback) about the actual state and the attempts at reconcilliation in order to reduce deviation over time. | |
| Software agents take actions based on policies around [feedback](./GLOSSARY.md#feedback) from the system and previous reconciliation attempts, in order to reduce deviation over time. |
There was a problem hiding this comment.
policies are transformational, whereas previous reconciliation is transactional.
I'm OK with adding both.
If only one out of two amendments can be included, then I favor the addition of ... policies ... even over previous reconciliation.
There was a problem hiding this comment.
Agree that previous reconciliation attempts are different from policies, but I mean there are policies which tell agents what to do with this feedback information. The simplest example I can think of is do something different after N attempts or T time (essentially, this is what k8s core controller CrashloopBackOff is). These require feedback from the system (closed loop) rather than just continue an open loop infinitely.
For GitOps this could be sending a failure notification requiring human decision making, rollbacks, or other specified actions. These policies are usually configurations delivered to agents who are doing the work of reconciliation and other actions around this, and therefore generally defined as part of Desired State. I didn't suggest specifying this though because the policies could also be built-in to the software agents chosen for the job.
There was a problem hiding this comment.
@lloydchang Just checking, do you have a concrete recommendation for modifying the wording of my suggested edit to Dan's change request?
Right now I'm hearing you say why you approve of this and what the constraints are if we were to change it even further. Please lmk if that is not correct 🙂
There was a problem hiding this comment.
@scottrigby I noticed v1.0.0's PRINCIPLE.md is missing your suggested change.
To confirm, is it intentional because of:
@scottrigby changed the title of this pull request to
"Move control-loop from principle to glossary for now"
?
FWIW, you and I are aligned regarding your proposed suggestions to PRINCIPLE.md if the topic resurfaces in future working group meetings, discussions, pull requests, etc.
Thank you.
There was a problem hiding this comment.
Yes, I understood that you were OK with it as worded now, but also had at least slight misgivings as a foundational requirement/principle, but all seem to agree it is at least a best practice.
Several other people had misgivings as well, some noted in slack because they were not able to get to github in time. We said in order to stick to schedule, if there was divergence in opinion we would leave the fifth principle omitted for the first release, so we did.
But it still seems important enough to include in the glossary, and link feedback item from the reconciliation glossary item.
This seemed a good compromise for now, and I believe does not go against the group conscience. We can continue discussing after v1.0.0 (which is now released!), and see where we all align on this when there is feedback on it from more WG and community members.
PS you are heavily thanked along with everyone else in the release notes 😇💯🎊
There was a problem hiding this comment.
Thanks @scottrigby
No slight misgivings from me at all about including your suggested changes as a Principle.
While I would like to see your suggested changes as a Principle, I am OK with v1.0.0's PRINCIPLE.md.
Thank you, everyone!
There was a problem hiding this comment.
Got it. Ok thanks for clarifying, we will continue discussing w the rest of the group post-kubecon 👌
Also, now that these are in a full release, we can also focus on the other documents and programs (and any potential code) that depended on these. Looking forward to moving ahead with those too!
There was a problem hiding this comment.
Thanks again @scottrigby — Another reason for adding your suggested changes as a fifth principle before further compromising its position in Documents, Glossary, Best Practices, Programs, Code, etc. is that our focus and intent is to be principle-led:
The GitOps WG focus is to clearly define a vendor-neutral, principle-led meaning of GitOps, which will establish a foundation for interoperability between tools, conformance, and certification. Lasting GitOps programs, documents, and code will live within the CNCF OpenGitOps project, also guided by the WG.
https://github.com/gitops-working-group/gitops-working-group/blob/main/README.md
OK that:
we will continue discussing w the rest of the group post-kubecon 👌
PRINCIPLES.md
Outdated
|
|
||
| 5. **Applied in a Closed Loop** | ||
|
|
||
| Software agents follow control theory and depend on [feedback](./GLOSSARY.md#feedback) about the actual state and the attempts at reconcilliation in order to reduce deviation over time. |
There was a problem hiding this comment.
policies are transformational, whereas previous reconciliation is transactional.
I'm OK with adding both.
If only one out of two amendments can be included, then I favor the addition of ... policies ... even over previous reconciliation.
|
@todaywasawesome the most recent commit needs DCO signoff. I could push that if you prefer, just LMK https://cloud-native.slack.com/archives/C01G9DEE88M/p1633703733092200?thread_ts=1633637990.091500&cid=C01G9DEE88M |
scottrigby
changed the title
PRINCIPLES.md
Outdated
|
|
||
| 5. **Applied in a Closed Loop** | ||
|
|
||
| Software agents follow control theory and depend on [feedback](./GLOSSARY.md#feedback) about the actual state and the attempts at reconcilliation in order to reduce deviation over time. |
There was a problem hiding this comment.
@scottrigby wrote:
The simplest example I can think of is do something different after N attempts or T time (essentially, this is what k8s core controller CrashloopBackOff is). These require feedback from the system (closed loop) rather than just continue an open loop infinitely.
What you described is a vital example for future BEST_PRACTICES.md
Short of saying, "Just use Kubernetes..." in future BEST_PRACTICES.md, perhaps you can phrase it as:
If you use Kubernetes, then the following are examples of CrashloopBackOff
And if the above is still not enough formal details in future BEST_PRACTICES.md, then informally-speaking... There is a vendor-provided explanation at https://sysdig.com/blog/debug-kubernetes-crashloopbackoff/
Thanks @scottrigby 🙂
Co-authored-by: Scott Rigby <[email protected]> Signed-off-by: Dan Garfield <[email protected]>
todaywasawesome
force-pushed
the
closed-loop
branch
from
6ed8777 to
394df22
Compare
Signed-off-by: Dan Garfield <[email protected]>
todaywasawesome
force-pushed
the
closed-loop
branch
from
f730a69 to
99ff0d3
Compare
Signed-off-by: Dan Garfield <[email protected]> Co-authored-by: Scott Rigby <[email protected]>
Signed-off-by: Dan Garfield <[email protected]>
Signed-off-by: Dan Garfield <[email protected]> Co-authored-by: Scott Rigby <[email protected]>
Signed-off-by: Dan Garfield <[email protected]>
todaywasawesome
force-pushed
the
closed-loop
branch
from
868cde2 to
9f6042c
Compare
scottrigby
changed the title
| @@ -38,3 +39,8 @@ This glossary accompanies the [GitOps Principles](./PRINCIPLES.md), and other su | |||
| This state store should provide access control and auditing on the changes to the Desired State. | |||
| Git, from which GitOps derives its name, is the canonical example used as this state store but any other system that meets these criteria may be used. | |||
| In all cases, these state stores must be properly configured and precautions must be taken to comply with requirements set out in the GitOps Principles. | |||
|
|
|||
| - ## Feedback | |||
There was a problem hiding this comment.
I like this addition for the spec on feedback
There was a problem hiding this comment.
To alphabetize Feedback, I created #41
| @@ -38,3 +39,8 @@ This glossary accompanies the [GitOps Principles](./PRINCIPLES.md), and other su | |||
| This state store should provide access control and auditing on the changes to the Desired State. | |||
| Git, from which GitOps derives its name, is the canonical example used as this state store but any other system that meets these criteria may be used. | |||
| In all cases, these state stores must be properly configured and precautions must be taken to comply with requirements set out in the GitOps Principles. | |||
|
|
|||
| - ## Feedback | |||
There was a problem hiding this comment.
To alphabetize Feedback, I created #41
| - ## Feedback | ||
|
|
||
| Open GitOps follows [control-theory](https://en.wikipedia.org/wiki/Control_theory) and operates in a closed-loop. In control theory, feedback represents how previous attempts to apply a desired state have affected the actual state. For example if the desired state requires more resources than exist in a system, the software agent may make attempts to add resources, to automatically rollback to a previous version, or to send alerts to human operators. | ||
|
|
There was a problem hiding this comment.
To alphabetize Feedback, I created #41
An attempt to resolve #24 where some members have expressed a preference for including control loop wording. In order to make 1.0 this week I'm hoping this wording can be reviewed and discussion can be taken in order to push us one way or the other. @scottrigby @murillodigital @lloydchang @moshloop @christianh814
Note, this is similar but not exactly the same as the wording we started with for closed-loop. I think some of the confusion came from unfamiliarity with control theory so we should call that out explicitly for clarity.