Enable etcd cluster scaling for userclusters

[moelsayed]

What this PR does / why we need it:

• Enables configurable etcd cluster size in the user cluster spec.
• Managed scale up/down for etcd stateful set.
• Automatic etcd member join and reconcile.
• Adds http based liveness probe for etcd pods
  Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
  Fixes Support configurable user cluster etcd cluster size #5545

Special notes for your reviewer:

Documentation:

Does this PR introduce a user-facing change?:

Adds configurable etcd cluster size to user cluster spec. 

[multi-io]

Tested with a pre-existing, running cluster with 3 replicas. The statefulset ended up being reduced to 2 replicas, I assume here (.Spec.EtcdClusterSize not set => etcdClusterSize:=0; replicas:=3; isEtcdHealthy:=true => return 2). The etcd launcher then refuses to launch a 2-node cluster because that's smaller than the defaultClusterSize (3), leading to a permanently non-running cluster. Is the idea that the admin must always set .Spec.EtcdClusterSize?

[moelsayed]

No, it's defaulted here, which runs as part of the API server. I am not 100% sure if it will default existing clusters as well. But it is a good point, we should be more defensive here.

[multi-io]

Confirmed that an existing cluster is migrated to the new launcher properly if .spec.etcdClusterSize is set to 3 first. Maybe we should just treat an unspecified (==0) value for the field as if the field was set to 3.

[multi-io]

No, it's defaulted here, which runs as part of the API server. I am not 100% sure if it will default existing clusters as well. But it is a good point, we should be more defensive here.

Yeah the defaulting I saw too, but I'm pretty sure that's only called when new clusters are created.

[moelsayed]

@multi-io I just pushed a fix for it. Can you please confirm it's working?

[multi-io]

Confirmed. Existing etcd cluster was migrated without having to manually set .spec.etcdClusterSize or anything else in the cluster resource.

[moelsayed]

@multi-io I think this should work https://github.com/kubermatic/kubermatic/pull/5571/files#diff-60471266513513d81d30f4855c2c01e2R316

[moadqassem]

This line and the line underneath it has no error check, I know the original code had no error check either but would make since to add some checks here.

[moadqassem]

One other thing regarding this line and the one above, are you using it for debugging? because normally env vars are populated via the job instead of setting explicitly in the code.

[moadqassem]

The way we actually pass configs to the bin/cmd, is via having the args/options pattern. In other words, we pass those configs as flags to the cmd instead of env vars. So it follows as:

• From out side(e.g: job runner) env vars are being created and passed to the container for example.
• Inside the container/job the configs are passed as flags.

For more information take a look at the user-cluster-controller-manager and how those args are read via the hack script

[moadqassem]

Shouldn't we make suer that etcd cmd exists before doing any calls or preparation? if os.Status("") => not exist return an error as early as possible?

[moadqassem]

Nit:maybe check the error then cancel? defer cancel()

[moadqassem]

Nit:maybe check the error then cancel? defer cancel()

[moadqassem]

I don't understand this one, so when the client is not nil you are returning nil, shouldn't you return the client here?

[moelsayed]

client is set in the etcdCluster struct. If it's nil, I create it and assign it to e.client instead of passing it around.

[moadqassem]

So here you are trying to make sure that the storage is healthy, so you are trying to get valid results in 5 times. In general that's valid of course but what about adding some semantics something similar to this

	var (
		tries    int
		maxTries int
                healthy bool
	)

	for tries < maxTries {
		if healthy, err = e.isHealthy(); !healthy || err != nil {
			log.Error("...")
			time.Sleep(500 * time.Milisecond)
			tries++
			continue
		}
		log.Info("...")
		break
	}

      if !healthy || err != nil {
       log.Fatal("failed for ever")
     } 

[moadqassem]

Or you can try out this lovely package:
https://godoc.org/k8s.io/apimachinery/pkg/util/wait#Poll

[multi-io]

I think the cluster size field should be .spec.etcd.clusterSize instead of .spec.etcdClusterSize, i.e. have a spec.etcd map in there that can accommodate future etcd-related settings.

[moadqassem]

Shouldn't we log the error in the for loop? this line and the lines underneath it?

[moadqassem]

typo: s/hte/the

[moadqassem]

typo: s/ECTD/ETCD

[moadqassem]

typo: s/ECTD/ETCD

typo: s/then/than

[moadqassem]

This can be derived instead and declared inside the for loop since you are not using outside of it:

resp, err = e.localClient.Status(context.Background(), e.endpoint())

[moadqassem]

you don't need the check here and you are not wrap the error, thus remove the if statement please and return the method.

return e.client.MemberRemove(context.Background(), member.ID)

[moelsayed]

/retest

[moelsayed]

/retest

[moadqassem]

Please regroup the imports respectively :

• go sdk imports("context")
• third party imports("go.uber.org/zap")
• kubermatic/machine-controller imports
• k8s imports

[moadqassem]

Please use logging with additional context with error wrapping:
log.Warnw("failed to list memebers ", zap.Error(err))

[moadqassem]

Please follow the pattern that we use regaring contextual logs:
log.Fatalw("can't find command","command-path", etcdCommandPath, zap.Error(err))

[moadqassem]

You don't need to check the error two times, instead make the log message more general:
log.Warnw("failed to remove member, error occurred or didn't get the current leader", zap.Error(err))

In this case, if there was an error it will be printed out as an error

[moadqassem]

Please adjust.
log.Warnw("failed to remove member", zap.Error(err))

[moadqassem]

Please use:
log.Infow("member is not responding, removing from cluster", "member-name", member.Name)

[moadqassem]

This variable collides with the "log" imported package

[moelsayed]

The imported package is aliased, so it should be ok?

[moadqassem]

I don't quite understand the comment, can you please make it clearer :-)

[moadqassem]

If this is not needed can you please remove it?

[moadqassem]

Can you please move this line to 341, as this line is evaluated and not used if the etcdClusterSize == replicas

[moelsayed]

/test pre-kubermatic-e2e-aws-flatcar-1.18

[moelsayed]

/retest

[moelsayed]

/retest

[moadqassem]

/approve
/lgtm

[kubermatic-bot]

LGTM label has been added.

Git tree hash: 95798e4abc12a40a47b037e6c9551941f4531c5c

[kubermatic-bot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: moadqassem, moelsayed

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [moadqassem,moelsayed]
• cmd/OWNERS [moadqassem,moelsayed]
• pkg/controller/OWNERS [moadqassem,moelsayed]
• pkg/crd/OWNERS [moadqassem,moelsayed]
• pkg/resources/OWNERS [moadqassem,moelsayed]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[kubermatic-triage-bot]

/retest
This bot automatically retries jobs that failed/flaked on approved PRs

Review the full test history

Silence the bot with an /lgtm cancel or /hold comment for consistent failures.

Also, here is a cat.
/meow

[kubermatic-bot]

@kubermatic-triage-bot:

In response to this:

/retest
This bot automatically retries jobs that failed/flaked on approved PRs

Review the full test history

Silence the bot with an /lgtm cancel or /hold comment for consistent failures.

Also, here is a cat.
/meow

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[moelsayed]

/retest