KEP-21: Upgrading KUDO #1124
KEP-21: Upgrading KUDO #1124
Conversation
There was a problem hiding this comment.
Just did a first pass, I need to process/think about it now. Few high level ideas that might simplify some parts:
- I think a lot of migration code could be just updating the resources in the cluster, pretty much doing
kudo init -o yaml --dry-run | kubectl apply -f - - I think using conversion webhooks will simplify this a lot and if we commit to always use it for newer version it will make our life easier, I think the supported k8s version is not limiting us here
Also probably worth some thought - what if we supported upgrades via helm? Would that actually help us in any way? How would that look like?
keps/0021-kudo-upgrade.md
Outdated
|
|
||
| ## Open Questions | ||
| - Lowest supported K8s version | ||
| - Do we want to support downgrades? |
There was a problem hiding this comment.
I would say no right now, definitely not in this kep - on the other hand, what if I upgrade but need to rollback again? 🤔
There was a problem hiding this comment.
Yeah, I don't really want to support it either, but I think it's important enough to have a (small) discussion about it. And if we decide to go with the conversion webhooks, it might not be that difficult to do.
There was a problem hiding this comment.
oh we have to do conversion webhooks - do you feel like there's any reason not to do them?
keps/0021-kudo-upgrade.md
Outdated
| ## Open Questions | ||
| - Lowest supported K8s version | ||
| - Do we want to support downgrades? | ||
| - Split versions between KUDO manager and KUDO CLI? |
There was a problem hiding this comment.
could you write more about why?
There was a problem hiding this comment.
They're basically two different programs that only communicate via CRDs. It might make something easier having split versions, for example bug fixes in manager only without having a new KUDO CLI version that does not change anything in the CLI.
But it would introduce a new compatibility matrix, and having "empty" version changes on manager or CLI isn't that big of an issue. I lean towards having a single version for both parts of KUDO.
There was a problem hiding this comment.
yeah, me too I think until there's a compelling reason to split them, having them as one is a big win, I would almost go as far as resolve this question with - no :) especially since there's no real as for this and the scope of this KEP is already pretty big
| Versioned: No, but closely tied to KUDO manager | ||
|
|
||
| The KUDO manager has a set of prerequisites that need to be present for the manager to run successfully. They are | ||
| the least likely to change, but probably the most specific. If we make changes here, we need to implement custom |
There was a problem hiding this comment.
by the way - new features might actually touch those, e.g. take a look at my webhook PR. I wonder what is a good strategy for those. I mean in there I:
- added new prereqs, that's easy, you just create those on upgrade
- updated manager - could we just patch the manager in that case?
Also could you maybe show how would the custom migration code look like? I think the webhook is a great example
keps/0021-kudo-upgrade.md
Outdated
| Each migration should have a validate-step that checks if the migration is possible. | ||
|
|
||
| **Alternative update process** | ||
| - Can we just delete them all and reinstall them? Probably not |
There was a problem hiding this comment.
what about updating them? just as you do with any other resource, what are the challenges with that?
There was a problem hiding this comment.
Yes, updating is probably the only possible way. The idea with "Delete all and install fresh" would be to not do migrations but to always just install the expected state, but I don't think that's really possible.
keps/0021-kudo-upgrade.md
Outdated
|
|
||
| - Use semantic versioning for the manager binary | ||
| - ToBeDiscussed: Use different versioning for Manager and CLI? | ||
| - The manager needs to be shut down before updating the CRDs |
There was a problem hiding this comment.
does it? why? also are we talking about updating crd of the same version or updating to newer version or both?
There was a problem hiding this comment.
Well - this assumes we're not using the conversion web hook, and therefore can't serve different versions of a CR and need to migrate them manually. In that case, having a manager running that tries to read or modify the old version of CRs would be problematic.
Regarding updating CRDs with the same version - Is that something that is commonly used? I can imagine updating a CRD with new fields, assuming it's backwards compatible and defaults are provided, but in which case is the version of a CRD updated then? Only in case of breaking changes?
There was a problem hiding this comment.
I just read the K8s documentation on API changes. (https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api_changes.md) Explains a lot. I'll update the KEP.
keps/0021-kudo-upgrade.md
Outdated
| fields. | ||
| - Existing CRs need to be migrated to new versions | ||
| - K8s CRD support | ||
| - Which K8s version do we want/need to support? |
There was a problem hiding this comment.
I guess this is kind of given by what kubernetes version we support in which version of manager? Maybe we should somehow define that as well?
There was a problem hiding this comment.
Well, it mostly comes down to: Do we want to use conversion webhooks or not.
keps/0021-kudo-upgrade.md
Outdated
| - MultiVersion is supported since 1.11 (manual conversion) | ||
| - WebHook conversion since 1.16 | ||
| - WebHook conversion would allow us to transparently switch to a new CRD version without manually migrating all existing CRs | ||
| - CRD versioning |
There was a problem hiding this comment.
I would probably rather stick with one version if we can for now to not make things compilcated.
There was a problem hiding this comment.
Hmmmm, if we don't enforce the same requirements on CRD stability as k8s itself, this might be possible. We would have to enforce that KUDO CLI is at least the same version as the installed KUDO manager though, otherwise and older CLI version could drop fields from a CR that it doesn't know about...
keps/0021-kudo-upgrade.md
Outdated
| #### Proposal for update process | ||
| Integrated into `kudo init --upgrade` | ||
|
|
||
| To support older K8s versions, no WebHook conversion is used. We only serve a single CRD-Version and migrate existing CRs in the update process |
There was a problem hiding this comment.
I think we're fine in terms of kube version here Webhook conversion is available as beta since 1.15, and as alpha since Kubernetes 1.13.
There was a problem hiding this comment.
Which means, the operating cluster needs to have webhook conversion explicitly enabled for KUDO to work. I'm not sure if we want to make this a requirement for KUDO, tbh.
keps/0021-kudo-upgrade.md
Outdated
| - Do we allow an older KUDO CLI to be used with a newer KUDO installation? | ||
|
|
||
| #### Proposal for update process | ||
| User has to download newest KUDO version. |
There was a problem hiding this comment.
yeah I think replacing the binary or dowing upgrade via brew is good enough here 👍
There was a problem hiding this comment.
Yeah, i think this is the most simple part of the update process :)
keps/0021-kudo-upgrade.md
Outdated
| - Every migration step after the installed version is executed | ||
| - Every migration step only migrates the prerequisites from the previous version to the marked version of the migration | ||
|
|
||
| 2. Have only one setup/update version in KUDO |
There was a problem hiding this comment.
I think we should start with this and introduce migrations when there's very compelling reason to do so. I can see all our current migration needs in the last versions to be covered with this.
Added section about operator compatibility Signed-off-by: Andreas Neumann <aneumann@mesosphere.com>
ANeumann82
requested review from
gerred,
kensipe,
nfnt and
zen-dog
as code owners
| We may arrive at a point where we need to implement custom migration logic between KUDO versions, but so far this would mean a lot of | ||
| implementation effort without a defined use case. | ||
|
|
||
| ### KUDO Manager |
There was a problem hiding this comment.
Is there any expectation on the manager to re-process plans that have been run on previous versions? I'm thinking of scenarios where there might be a bug in a previous version that would have caused the plan to not be executed correctly, and want to re-process the plans to correct the mistake.
There was a problem hiding this comment.
I don't think that would be a good idea to do automatically. For some plans that may be ok, but others not as much - restore plans, node replaces, etc.
There will be some kind of framework to write migrations, I guess, to fix major issues that need to be fixed, but nothing like just re-processing plans.
|
@ANeumann82 ping... what is next here |
|
retargeting for 0.13.0 |
Signed-off-by: Andreas Neumann <aneumann@mesosphere.com>
Signed-off-by: Andreas Neumann <aneumann@mesosphere.com>
… scope here Signed-off-by: Andreas Neumann <aneumann@mesosphere.com>
Signed-off-by: Andreas Neumann <aneumann@mesosphere.com>
Signed-off-by: Andreas Neumann <aneumann@mesosphere.com>
What this PR does / why we need it:
At the moment, we do not have a process or code for upgrading KUDO.
This is an early draft to invite discussion.