fix(deploy): use recreate strategy and 1 replica #499
Conversation
About this, I am bit unsure what causes the main deployment to rollout new pods if this does not change its spec? Setting |
|
I also got a bit of an issue when creating a report replica as pod seems to in exec /deployments/run-java.sh: permission deniedI am using Cluster Bot with OCP 4.11.1 |
This ends up setting the So there is a subtle config change on the main deployment as well. |
Oh this again. We've encountered this with some of our sample apps. It's a matter of updating our Dockerfiles. You should still be able to test this PR though. Instead of the reports replicas, you could try switching |
Ah niceee! I didnt notice before. Make sense! Thanks :D |
There was a problem hiding this comment.
Oh this again. We've encountered this with some of our sample apps. It's a matter of updating our Dockerfiles. You should still be able to test this PR though. Instead of the reports replicas, you could try switching enableCertManager.
Nice, so its unrelated then. And looks great to me and deployments are recreated as expected. And thanks a lot for explaining those above :D
(cherry picked from commit ef81336)
There are two bugs that occur due to replicas contending for access to the credentials database, and replicas on different nodes competing for the PVC itself. Cryostat is currently meant to work as a single replica, but during rolling updates there could be two simultaneously.
To avoid these issues, we're changing the deployment strategy from the default of
RollingUpdatetoRecreate. As a result there will be some brief downtime in response to upgrades or configuration changes. The other change is the operator managing theReplicasfield of the main Cryostat deployment. This is to ensure that the replica count stays at 1 to avoid the above bugs.To test:
make deploy create_cryostat_cr OPERATOR_IMG=....kubectl edit cryostat cryostat-sample. Change some field such as settingreportOptions.replicasto 1.Fixes: #487, #491