✨ v0.3.x: KCP: block mgmt cluster updates to v1.22.0 #5013
Conversation
k8s-ci-robot
added
cncf-cla: yes
sbueringer
force-pushed
the
pr-kcp-block-mgmt-cluster-updates
branch
from
3d081f6 to
14ec45d
Compare
k8s-ci-robot
added
size/L
sbueringer
force-pushed
the
pr-kcp-block-mgmt-cluster-updates
branch
from
14ec45d to
0ea76df
Compare
|
@vincepri @fabriziopandini PTAL :) |
|
/test pull-cluster-api-test-release-0-3 |
|
/retest |
|
Okay nope, moving it up one layer broke the tests. I'll have to investigate. |
sbueringer
changed the title
k8s-ci-robot
added
the
do-not-merge/work-in-progress
|
My local env on the old branch with kubebuilder does not really work (even with make test, I assume the problem is that Mac Security is blocking a lot of stuff). So I'll probably need a few tries to get this fixed... |
|
/test pull-cluster-api-e2e-full-release-0-3 |
sbueringer
changed the title
k8s-ci-robot
removed
the
do-not-merge/work-in-progress
|
@fabriziopandini Should be ready for review now. I moved the func in the WorkloadCluster interface as it's just a lot easier to test that way. I'm not sure what I would have to refactor to get the regular reconcile unit tests working again when I add it in one of the reconcile funcs. As I'm not that familiar with the release-0.3 e2e tests. Is the test coverage good enough or do you think I should test something manually? /test pull-cluster-api-e2e-full-release-0-3 |
fabriziopandini
left a comment
fabriziopandini
left a comment
There was a problem hiding this comment.
/lgtm
E2E could provide a signal that the change does not introduces regression, but it would be great if you could do a manual test with 1.20, then upgrade to 1.21 (everything should work), then upgrade to 1.22 (it should block)
k8s-ci-robot
added
the
lgtm
k8s-ci-robot
removed
the
lgtm
|
/retest looks like flakes to me @vincepri Thx for the review :). Findings should be fixed, ptal. |
|
updated the list of uncached types (although I'm not entirely sure it includes all necessary types). I brute-force the flakes successful after reviews :) (unit tests were successful locally) |
|
/retest |
| return nil, &RemoteClusterConnectionError{Name: clusterKey.String(), Err: err} | ||
| } | ||
|
|
||
| newClient := util.DelegatingClientFuncWithUncached( |
There was a problem hiding this comment.
@sbueringer Sorry for the confusion, could we actually try to just use the plain client.New without the delegating client and retrieve with PartialObjectMetadata directly? It should work considering that it has support for it https://github.com/kubernetes-sigs/controller-runtime/blob/release-0.5/pkg/client/client.go#L111
There was a problem hiding this comment.
Oh, yeah will try. At least I'm learning a lot :)
There was a problem hiding this comment.
Works, tested it locally with all relevant code branches of IsKubernetesVersionSupported and it uses the metaclient as expected.
|
/test pull-cluster-api-e2e-full-release-0-3 |
|
/test pull-cluster-api-test-release-0.3 @fabriziopandini Tested it locally and it worked. There were a few interesting pitfalls (cgroup-driver and local dev image). Thus, for reference: Prepare KCP imageexport REGISTRY=gcr.io/k8s-staging-cluster-api
export TAG=dev
export ARCH=amd64
export PULL_POLICY=IfNotPresent
make docker-buildSetup Management clusterkind create cluster --config /tmp/kind-cluster-with-extramounts.yaml
clusterctl-v0.3.22 init --infrastructure docker
# use KCP dev image
kind load docker-image "gcr.io/k8s-staging-cluster-api/kubeadm-control-plane-controller-amd64:dev"
kind get kubeconfig --name=$(kind get clusters | grep kind) | k8s-ctx-import; kctx kind-$(kind get clusters | grep kind)
kubectl patch deployment -n capi-kubeadm-control-plane-system capi-kubeadm-control-plane-controller-manager --type json -p='[{"op": "replace", "path": "/spec/template/spec/containers/1/image", value: "gcr.io/k8s-staging-cluster-api/kubeadm-control-plane-controller-amd64:dev"}]'Install v1.20.7 Workload Clusterclusterctl-v0.3.22 config cluster capi-quickstart --kubernetes-version v1.20.7 --control-plane-machine-count=1 --worker-machine-count=1 --flavor=development > capi-quickstart.yaml
# Edit capi-quickstart.yaml to add `cgroup-driver: cgroupfs` kubeletExtraArgs
kubectl -n default apply -f ./capi-quickstart.yaml
kubectl -n default get secret capi-quickstart-kubeconfig -o json | jq '.data.value' -r | base64 -d > /tmp/kubeconfig
sed -i -e "s/certificate-authority-data:.*/insecure-skip-tls-verify: true/g" /tmp/kubeconfig
sed -i -e "s/server:.*/server: https:\/\/$(docker port capi-quickstart-lb 6443/tcp | sed "s/0.0.0.0/127.0.0.1/")/g" /tmp/kubeconfig
kubectl --kubeconfig=/tmp/kubeconfig apply -f https://docs.projectcalico.org/v3.15/manifests/calico.yamlPivot workload cluster to self-hosted management clusterclusterctl-v0.3.22 init --infrastructure docker --kubeconfig=/tmp/kubeconfig
# use KCP dev image
kind --name capi-quickstart load docker-image "gcr.io/k8s-staging-cluster-api/kubeadm-control-plane-controller-amd64:dev"
kubectl --kubeconfig=/tmp/kubeconfig patch deployment -n capi-kubeadm-control-plane-system capi-kubeadm-control-plane-controller-manager --type json -p='[{"op": "replace", "path": "/spec/template/spec/containers/1/image", value: "gcr.io/k8s-staging-cluster-api/kubeadm-control-plane-controller-amd64:dev"}]'
clusterctl-v0.3.22 move --to-kubeconfig=/tmp/kubeconfigUpdate to v1.21.2kubectl --kubeconfig=/tmp/kubeconfig patch kcp capi-quickstart-control-plane --type json -p='[{"op": "replace", "path": "/spec/version", value: "v1.21.2"}]'
# load KCP dev image on the new node
kind --name capi-quickstart load docker-image "gcr.io/k8s-staging-cluster-api/kubeadm-control-plane-controller-amd64:dev"
kubectl --kubeconfig=/tmp/kubeconfig patch md capi-quickstart-md-0 --type json -p='[{"op": "replace", "path": "/spec/template/spec/version", value: "v1.21.2"}]'
# load KCP dev image on the new node
kind --name capi-quickstart load docker-image "gcr.io/k8s-staging-cluster-api/kubeadm-control-plane-controller-amd64:dev"Update to v1.22.0kubectl --kubeconfig=/tmp/kubeconfig patch kcp capi-quickstart-control-plane --type json -p='[{"op": "replace", "path": "/spec/version", value: "v1.22.0"}]'Update to 1.21 worked and the last step resulted in the following log in KCP: I0729 13:25:34.603463 1 upgrade.go:59] "msg"="Kubernetes version \"v1.22.0\" is not supported for management clusters" "cluster-name"="capi-quickstart" "name"="capi-quickstart-control-plane" "namespace"="default" |
|
@sbueringer: The specified target(s) for
The following commands are available to trigger optional jobs:
Use
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/test pull-cluster-api-test-release-0-3 |
|
/test @k8s-ci-robot |
|
@sbueringer: The specified target(s) for
The following commands are available to trigger optional jobs:
Use
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/test pull-cluster-api-test-release-0-3 |
|
@sbueringer Let's squash :) |
Signed-off-by: Stefan Büringer buringerst@vmware.com
sbueringer
force-pushed
the
pr-kcp-block-mgmt-cluster-updates
branch
from
95f8b2c to
8456ae8
Compare
Done :) |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: vincepri The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
4 participants
What this PR does / why we need it:
See linked issue
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):Partially implements #4966