-
Notifications
You must be signed in to change notification settings - Fork 4.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
not possible to rolling update cluster #9953
Comments
@johngmyers as you have done #9653 which makes this bug happen, do you have any ideas how we could fix this correctly? My fix is dirty fix and it will not work in all cases. It might be that there is 1 old kops-controller after full kops rolling-update cluster. This happens only if the cluster is created before kops 1.19 like using kops 1.18. |
Ok we fixed this in following way:
Where the hack.yaml is following:
warning tested only in OpenStack |
Setting an The hack is likely to result in non-working (or only partially-working) kops-controllers on AWS, as it won't provision the keys/certs that the AWS bootstrap server needs. It might be enough to get cluster validation to pass long enough for the control plane to update. A simpler form of that hack would be to make the I wonder if we could put an additional As a separate issue, we might want to make it so that bastions don't apply addons. I'm a bit concerned that they even have the credentials to be able to do that. Or is it that the old control plane nodes are picking up and applying the new set of addon manifests? |
If we do go with |
@johngmyers I can confirm that this workaround does not work for AWS, it do work only in OpenStack |
The same "problem" can exist for DaemonSets too. So not only things running on masters. We could add a nodeselector to the channels API and when that selector is set, channels cmd set |
@johngmyers So sorry to ask again but I'm having this exact same problem after upgrading from 1.18.1 to 1.19.0... How can I fix this? :( PS: Going back to v1.18.1 is definetly an option, I tried but still the same problem. Thanks |
@alesanmed can you file a new issue about this? |
@olemarkus Sorry for not replying. I managed to rollback the cluster version and, since I've seen that the v1.19 is still an alpha, I'll wait for a stable release. Don't want to bother with issues since I'm sure they're going to fix them. Thanks!! |
1. What
kops
version are you running? The commandkops version
, will displaythis information.
1.19 alpha 4
2. What Kubernetes version are you running?
kubectl version
will print theversion if a cluster is running or provide the Kubernetes version specified as
a
kops
flag.1.19.1
3. What cloud provider are you using?
openstack / aws
4. What commands did you run? What is the simplest way to reproduce this issue?
I am updating clusters from 1.17 / 1.18 -> 1.19.1
kops update cluster --yes && kops rolling-update --yes
5. What happened after the commands executed?
Bastion is rotated fine. However, after the bastion is rotated something is executing new manifests for kops-controller. This will lead to following situation:
So the new kops-controller manifest is NOT backwards compatible and this means that only way to update kops cluster masters currently is roll ALL masters at once (or skip cluster validation or modify kops controller manifest and be fast). The folder does not exist (yet) in old masters installed by older kops version. This folder is available only in newest kops version. So it should not update the manifest before the folder really exists.
6. What did you expect to happen?
I expect that rolling update should work usually
The text was updated successfully, but these errors were encountered: