Only support default partition in server cluster #721
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
thisisnotashwin
requested review from
lkysow,
a team,
sadjamz and
kschoche
and removed request for
a team and
sadjamz
lawliet89
pushed a commit
to lawliet89/consul-k8s
that referenced
this pull request
Sep 13, 2021
In almost all cases, users want to set bootstrapExpect to the number of server replicas. This change defaults it to null in values.yaml and then in the template if it's left as null, then we set the -bootstrap-expect flag to the number of server replicas. This is backwards compatible, if users have been setting this it will continue to be set. Also error out if bootstrapExpect is less than the number of replicas because this is definitely a misconfiguration as the servers won't wait until the proper number have started before electing a leader.
thisisnotashwin
force-pushed
the
default-partitions
branch
from
74a17a0 to
5a882a8
Compare
thisisnotashwin
force-pushed
the
partitions
branch
from
8073aee to
5ac36a8
Compare
kschoche
reviewed
Sep 14, 2021
| cd `chart_dir` | ||
| assert_empty helm template \ | ||
| -s templates/partition-init-role.yaml \ | ||
| --set 'global.adminPartitions.enabled=true' \ |
There was a problem hiding this comment.
I think the description or the test is wrong here on whether or not adminPartitions.enabled is true or false!
There was a problem hiding this comment.
Good catch!
kschoche
reviewed
Sep 14, 2021
kschoche
reviewed
Sep 14, 2021
| --set 'global.adminPartitions.name=test' \ | ||
| . | ||
|
|
||
| [ "$status" -eq 1 ] |
kschoche
approved these changes
Sep 14, 2021
thisisnotashwin
force-pushed
the
partitions
branch
from
5ac36a8 to
30126ae
Compare
thisisnotashwin
force-pushed
the
default-partitions
branch
2 times, most recently
from
171379f to
7bb77a2
Compare
lkysow
approved these changes
Sep 14, 2021
| @@ -1,5 +1,7 @@ | |||
| {{- if (or (and (ne (.Values.client.enabled | toString) "-") .Values.client.enabled) (and (eq (.Values.client.enabled | toString) "-") .Values.global.enabled)) }} | |||
| {{- if (and (and .Values.global.tls.enabled .Values.global.tls.httpsOnly) (and .Values.global.metrics.enabled .Values.global.metrics.enableAgentMetrics))}}{{ fail "global.metrics.enableAgentMetrics cannot be enabled if TLS (HTTPS only) is enabled" }}{{ end -}} | |||
| {{- $serverEnabled := (or (and (ne (.Values.server.enabled | toString) "-") .Values.server.enabled) (and (eq (.Values.server.enabled | toString) "-") .Values.global.enabled)) -}} | |||
| {{- if (and .Values.global.adminPartitions.enabled $serverEnabled (ne (.Values.global.adminPartitions.name | toString) "default"))}}{{ fail "global.adminPartitions.name has to be \"default\" in the server cluster" }}{{ end -}} | |||
There was a problem hiding this comment.
Suggested change
| {{- if (and .Values.global.adminPartitions.enabled $serverEnabled (ne (.Values.global.adminPartitions.name | toString) "default"))}}{{ fail "global.adminPartitions.name has to be \"default\" in the server cluster" }}{{ end -}} | |
| {{- if (and .Values.global.adminPartitions.enabled $serverEnabled (ne .Values.global.adminPartitions.name "default"))}}{{ fail "global.adminPartitions.name has to be \"default\" in the server cluster" }}{{ end -}} |
Does it need toString?
| apiVersion: v1 | ||
| kind: ConfigMap | ||
| metadata: | ||
| name: {{ template "consul.fullname" . }}-partition-configmap |
There was a problem hiding this comment.
Can we drop the configmap suffix since we don't need the type as it will be implied by the kind of the resource.
charts/consul/values.yaml
Outdated
Comment on lines
40
to
44
| # The name of the Admin Partition. Must be "default" in the server cluster ie the Kubernetes cluster that | ||
| # the Consul server pods are deployed onto. | ||
| name: "default" |
There was a problem hiding this comment.
Should note that:
- Can be something other than default in "non-server" clusters
- Can't be changed after initial installation. If they wish to change it they need to uninstall Consul.
- This does not cause the parition-init job from running or the agents from attempting to join the new partition, but the helm upgrade stays in a failed state until an upgrade is run with the partition name reverted.
thisisnotashwin
force-pushed
the
default-partitions
branch
from
7bb77a2 to
112ef52
Compare
thisisnotashwin
pushed a commit
that referenced
this pull request
Sep 16, 2021
* Fail if agents in server cluster are created in a partition not "default" * Fail helm upgrades if partition name is updated. - This does not cause the parition-init job from running or the agents from attempting to join the new partition, but the helm upgrade stays in a failed state until an upgrade is run with the partition name reverted.
thisisnotashwin
pushed a commit
that referenced
this pull request
Sep 17, 2021
* Fail if agents in server cluster are created in a partition not "default" * Fail helm upgrades if partition name is updated. - This does not cause the parition-init job from running or the agents from attempting to join the new partition, but the helm upgrade stays in a failed state until an upgrade is run with the partition name reverted.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes proposed in this PR:
helm upgradeto fail if the admin partition name is updated between the install and the upgrade.Questions:
Even though the helm upgrade fails when the partition name is changed, the partition-init job runs and the agents get reassigned. I could make the partition-init job a
pre-installjob and not apre-upgradejob, BUT the drawback of doing so would be anyone trying to upgrade an existing non-partition cluster to a partitioned cluster cannot. Should we ignore this use case? Ignore the upgrade use-case will ensure that the partition-init job will not run thereby not creating a new partition.FOLLOW UP:
After conversations with the team, it was decided that in the near term, we will not support updating to a partition that is non-default. Removing the
pre-upgradehook frompartition-initjob. This will ensure we don't create a partition when a user errantly updates the partition-name and performs a helm upgrade.How I've tested this PR:
Manual testing.
Bats tests
How I expect reviewers to test this PR:
Code review
Would love to hear thoughts on the above questions.
Checklist: