test/k8s: keep configmap across upgrade test #12051
Conversation
aanm
added
sig/k8s
|
test-me-please |
|
test-missed-k8s |
aanm
force-pushed
the
pr/fix-upgrade-config-map
branch
from
0a6cd59
to
11ca347
Compare
|
test-focus K8sUpdates |
aanm
force-pushed
the
pr/fix-upgrade-config-map
branch
from
11ca347
to
e9ca3b7
Compare
|
test-focus K8sUpdates |
aanm
added
needs-backport/1.7
priority/high
aanm
force-pushed
the
pr/fix-upgrade-config-map
branch
from
e9ca3b7
to
ef3a921
Compare
|
test-focus K8sUpdates |
1 similar comment
|
test-focus K8sUpdates |
| Deployments using the `ConfigMap` which is not generated if | ||
| ``config.enabled=false`` is set. The above command *only* generates the | ||
| DaemonSet, Deployment and RBAC definitions. | ||
| ``config.enabled=false`` or ``config.keepCurrent=true`` are set. The above | ||
| command *only* generates the DaemonSet, Deployment and RBAC definitions. |
There was a problem hiding this comment.
Actually we need to drop this hunk.
aanm
added
the
kind/regression
aanm
force-pushed
the
pr/fix-upgrade-config-map
branch
from
ef3a921
to
5ef27cc
Compare
joestringer
force-pushed
the
pr/fix-upgrade-config-map
branch
from
5ef27cc
to
fa1c9a3
Compare
|
test-focus K8sUpdates |
joestringer
force-pushed
the
pr/fix-upgrade-config-map
branch
from
fa1c9a3
to
7de5380
Compare
|
test-focus K8sUpdates |
joestringer
force-pushed
the
pr/fix-upgrade-config-map
branch
from
7de5380
to
be76441
Compare
|
test-focus K8sUpdates |
|
test-me-please |
Documentation/install/upgrade.rst
Outdated
| Deploy Cilium release via Helm (Running this command will overwrite the | ||
| existing cluster's `ConfigMap` which might not be ideal if you want to keep | ||
| your existing `ConfigMap`.) |
There was a problem hiding this comment.
For micro releases, we should just use --reuse-values.
There was a problem hiding this comment.
oh, actually AFAIU since we don't specify any --set, --reuse-values is the default.
Documentation/install/upgrade.rst
Outdated
| Deploy Cilium release via Helm: | ||
| Deploy Cilium release via Helm (Running this command will overwrite the | ||
| existing cluster's `ConfigMap` which might not be ideal if you want to keep | ||
| your existing `ConfigMap`.) |
There was a problem hiding this comment.
Do we need an overall warning that this will possibly break compatibility as we will use the new helm defaults for upgrades? So far we have been assuming that the ConfigMap values would remain unchanged. The above helm template will overwrite it as far as I understand. Our backwards compatibility guarantee has been around not changing the defaults in the binary but default breaking changes to the new value in the ConfigMap so new deployments get the good new values without breaking existing clusters?
There was a problem hiding this comment.
Do we need an overall warning that this will possibly break compatibility as we will use the new helm defaults for upgrades?
yes. I think we need to take an overall look at this section since we use helm upgrade in a couple places.
So far we have been assuming that the ConfigMap values would remain unchanged. The above helm template will overwrite it as far as I understand
good point, I've added the warning in the notes section.
Our backwards compatibility guarantee has been around not changing the defaults in the binary but default breaking changes to the new value in the ConfigMap so new deployments get the good new values without breaking existing clusters?
If I understand you correctly, yes that is supposed to be our guarantee.
Since we have new options set for new Cilium installations those might break the connectivity when doing upgrades. To ideally test an upgrade, we should keep the existing ConfigMap from the previous the version. This also fixes the upgrade guide using helm as using `--set config.enabled=false` deploys Cilium without its configuration map, deleting the existing one from the cluster. Also fixes the Cilium DaemonSet since its upgrade does not work using kubectl apply given that we have introduced a new liveness and readiness probes in the DaemonSet. Added upgrade notes to keep the old probes while users perform the upgrades. Fixes: d613dea ("install/kubernetes: use HTTP for agent {liveness,readiness}Probe") Signed-off-by: André Martins <andre@cilium.io>
Unless the user explicitly specifies the IPAM in use, fall back to the default cilium-operator image and use the legacy host-scope IPAM to ensure that during upgrade from a previous release that Cilium is not automatically migrated to the new IPAM model; that should be an explicit opt-in step that the user performs subsequently. Signed-off-by: André Martins <andre@cilium.io> Signed-off-by: Joe Stringer <joe@cilium.io>
aanm
force-pushed
the
pr/fix-upgrade-config-map
branch
from
be76441
to
07ea918
Compare
|
no need to re-rerun the CI since all tests have passed before pushing again to fix some typos. |
maintainer-s-little-helper
bot
moved this from Needs backport from master
to Backport pending to v1.8
in 1.8.0
maintainer-s-little-helper
bot
moved this from Backport pending to v1.8
to Backport done to v1.8
in 1.8.0
maintainer-s-little-helper
bot
moved this from Needs backport from master
to Backport pending to v1.7
in 1.7.6
test/k8s: keep configmap across upgrade test
Since we have new options set for new Cilium installations those
might break the connectivity when doing upgrades.
To ideally test an upgrade, we should keep the existing ConfigMap
from the previous the version.
This also fixes the upgrade guide using helm as using
--set config.enabled=falsedeploys Cilium without its configuration map,deleting the existing one from the cluster.
Also fixes the Cilium DaemonSet since its upgrade does not work using
kubectl apply given that we have introduced a new liveness and readiness
probes in the DaemonSet. Added upgrade notes to keep the old probes
while users perform the upgrades.
Fixes: d613dea ("install/kubernetes: use HTTP for agent {liveness,readiness}Probe")
Signed-off-by: André Martins andre@cilium.io