Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Drop the cdk-addons label on ceph and keystone components #233

Merged
merged 9 commits into from
Jul 1, 2024
Merged

Drop the cdk-addons label on ceph and keystone components #233

merged 9 commits into from
Jul 1, 2024

Conversation

addyess
Copy link
Member

@addyess addyess commented Jun 24, 2024
edited
Loading

Addresses Issues

LP#2068770
LP#2070053
LP#2070379

Overview

Actively retire certain addons from cdk-addons management by rendering them into a new directory for the snap to manipulate called addons-retired, then dropping the cdk-addon label for each component.

Details

cdk-addons.apply called by the charm on each hook, will apply any templates which get rendered into the /root/snap/cdk-addons/current/addons directory. We should ensure than some components are not kubectl applied in 1.29 and beyond because they may be charm managed or managed manually.

cdk-addons.apply also prunes component which shouldn't be installed. It will find resource with the label cdk-addons=true in cluster, and if they aren't rendered into the addons directory, they will be removed. So it's not enough to stop rendering retired components -- we must actively ignore them

Since, Ceph and Keystone are being actively dropped starting in the 1.29 release and the cdk-addons snap needs to stop managing them -- the charm will not change the configuration on the stop starting in 1.29, so components like ceph and keystone may still be enabled. If they were enabled pre 1.29, the snap would still be actively managing them.

These changes tell the snap to remove the label from each resource, and to not re-apply the resources if they are removed or changed in the cluster.

@addyess addyess force-pushed the akd/actively-ignore-previous-addons branch from f1c0382 to b11f151 Compare June 24, 2024 16:47
@addyess addyess force-pushed the akd/actively-ignore-previous-addons branch from b11f151 to 39f1468 Compare June 24, 2024 17:26
@addyess addyess marked this pull request as ready for review June 24, 2024 18:37
@addyess addyess force-pushed the akd/actively-ignore-previous-addons branch 2 times, most recently from 4a3d491 to d8b1923 Compare June 24, 2024 18:38
@addyess addyess force-pushed the akd/actively-ignore-previous-addons branch from d8b1923 to d6be0af Compare June 24, 2024 18:38
addyess
addyess commented Jun 24, 2024
View reviewed changes
cdk-addons/apply Outdated
Comment on lines 380 to 389
# it has our label but isn't a current addon
if resource in ignored_addons:
# either actively ignore it
print("Ignoring %s %s/%s" % resource)
args = ["label", kind, name, "-n", namespace, "cdk-addons-"]
else:
# or delete it!
print("Deleting %s %s/%s" % resource)
args = ["delete", "--wait=false", kind, name, "-n", namespace]

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

with these changes the snap outputs this on apply when keystone is enabled:

Retiring addon: keystone
Checking for addons to prune
  from /root/snap/cdk-addons/x1/addons/kube-state-metrics-deployment.yaml
  from /root/snap/cdk-addons/x1/addons/auth-delegator.yaml
  from /root/snap/cdk-addons/x1/addons/kube-state-metrics-cluster-role.yaml
  from /root/snap/cdk-addons/x1/addons/core-dns.yaml
  from /root/snap/cdk-addons/x1/addons/metrics-apiservice.yaml
  from /root/snap/cdk-addons/x1/addons/metrics-server-deployment.yaml
  from /root/snap/cdk-addons/x1/addons/kube-state-metrics-cluster-role-binding.yaml
  from /root/snap/cdk-addons/x1/addons/resource-reader.yaml
  from /root/snap/cdk-addons/x1/addons/auth-reader.yaml
  from /root/snap/cdk-addons/x1/addons/kube-state-metrics-service.yaml
  from /root/snap/cdk-addons/x1/addons/kube-state-metrics-service-account.yaml
  from /root/snap/cdk-addons/x1/addons/kubernetes-dashboard.yaml
  from /root/snap/cdk-addons/x1/addons/metrics-server-service.yaml
Checking for addons to ignore
  from /root/snap/cdk-addons/x1/addons-retired/keystone-auth-certs-secret.yaml
  from /root/snap/cdk-addons/x1/addons-retired/keystone-deployment.yaml
  from /root/snap/cdk-addons/x1/addons-retired/keystone-rbac.yaml
  from /root/snap/cdk-addons/x1/addons-retired/keystone-service.yaml

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

and the label is removed:

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: k8s-keystone-auth
    cdk-restart-on-ca-change: "true"
  name: k8s-keystone-auth
  namespace: kube-system

hmm -- i wonder about that other label cdk-restart-on-ca-change

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great, now we can remove BOTH labels 🗡️

@addyess addyess force-pushed the akd/actively-ignore-previous-addons branch from 0d53605 to 8ea6a3c Compare June 24, 2024 18:57
@addyess addyess mentioned this pull request Jun 25, 2024
Merged
@addyess addyess changed the title Drop the cdkaddons label on ceph and keystone components Drop the cdk-addons label on ceph and keystone components Jun 25, 2024
kwmonroe
kwmonroe approved these changes Jul 1, 2024
View reviewed changes
Copy link
Contributor

@kwmonroe kwmonroe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @addyess; this is a great step towards moving mgmt of included snap addons into individually configurable charms. Nice job!

@kwmonroe kwmonroe merged commit 6766268 into main Jul 1, 2024
6 checks passed
@kwmonroe kwmonroe deleted the akd/actively-ignore-previous-addons branch July 1, 2024 18:30
kwmonroe pushed a commit that referenced this pull request Jul 1, 2024
@addyess @kwmonroe
Drop the cdk-addons label on ceph and keystone components (#233)
1889bd4 
* Drop the cdkaddons label on ceph and keystone components

* remove ceph-csi reboot workaround, address retirement collection

* Add ceph and k8s keyston to retire commit list

* remove cdk-restart-on-ca-change label as well

* consolidate kubectl calls in prune method

* update calls to ruff

* Adjust call to _try_kubectl

* Retire components: gpu and cloud-providers

* relabel retired components with cdk-addons-retired=true
kwmonroe pushed a commit that referenced this pull request Jul 1, 2024
@addyess @kwmonroe
Drop the cdk-addons label on ceph and keystone components (#233)
2957e3f 
* Drop the cdkaddons label on ceph and keystone components

* remove ceph-csi reboot workaround, address retirement collection

* Add ceph and k8s keyston to retire commit list

* remove cdk-restart-on-ca-change label as well

* consolidate kubectl calls in prune method

* update calls to ruff

* Adjust call to _try_kubectl

* Retire components: gpu and cloud-providers

* relabel retired components with cdk-addons-retired=true
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kwmonroe kwmonroe kwmonroe approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@addyess @kwmonroe