Implements address space cleanup when a workspace service is uninstalled#4744
Implements address space cleanup when a workspace service is uninstalled#4744JC-wk wants to merge 15 commits into
Conversation
Unit Test Results678 tests 678 ✅ 9s ⏱️ Results for commit 2924a12. ♻️ This comment has been updated with latest results. |
|
I have been testing this for a few days, I am not sure if unit tests are needed and how best to write them if anyone wants to assist. |
There was a problem hiding this comment.
Pull request overview
This PR addresses IP range exhaustion risk by ensuring workspace address spaces allocated by workspace services are freed on successful uninstall, and by triggering a workspace upgrade so downstream infra reflects the removal.
Changes:
- Add post-uninstall cleanup in the service bus deployment status handler to remove a workspace-service
address_spacefrom the parent workspace’saddress_spaces. - Update AzureML and Databricks workspace-service templates to run a workspace
upgradestep after uninstall. - Bump API + template versions and add a changelog entry.
Reviewed changes
Copilot reviewed 7 out of 7 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| templates/workspace_services/databricks/template_schema.json | Adds a workspace upgrade step after uninstall (and JSON formatting changes). |
| templates/workspace_services/databricks/porter.yaml | Patch version bump. |
| templates/workspace_services/azureml/template_schema.json | Adds a workspace upgrade step after uninstall. |
| templates/workspace_services/azureml/porter.yaml | Patch version bump. |
| api_app/service_bus/deployment_status_updater.py | Implements address space cleanup after successful uninstall main step. |
| api_app/_version.py | API patch version bump. |
| CHANGELOG.md | Adds an Unreleased entry describing the change. |
| try: | ||
| await workspace_repo.patch_workspace(workspace, workspace_patch, workspace.etag, self.resource_template_repo, self.resource_history_repo, operation.user, False) | ||
| logger.info(f"Freed address space {address_to_free} from workspace {parent_workspace_id} after successful uninstall of {resource_id}") | ||
| except CosmosAccessConditionFailedError: | ||
| logger.exception("ETag conflict when freeing workspace address space after successful uninstall") |
There was a problem hiding this comment.
If patching the workspace fails with an ETag conflict here, the code only logs and then continues. That can permanently leak the address space (no retry and the uninstall pipeline will keep running). Consider reusing the existing retry logic used elsewhere for Cosmos ETag mismatches (or implement a small bounded retry) so address space cleanup is resilient under concurrent workspace updates.
Resolves #4727
PR
What is being addressed
Currently address spaces are not cleaned up when a workspace service is uninstalled from a workspace, this could lead to ip range exhaustion.
This PR adds the functionality to delete the
address_spaceused by a workspace-service on uninstall of the service. The address range is then freed from the workspace and can be reused.How is this addressed