Etcd encryption feature refactor for deployment and upgrades #1427
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@sk4zuzu please change PR description not to invoke GH automation with "resolves #XXX" pattern |
|
Missing changelog entry? |
to-bar
suggested changes
Jul 7, 2020
...epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/patch-kubeadm-config.yml
Outdated
Show resolved
Hide resolved
...epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/patch-kubeadm-config.yml
Outdated
Show resolved
Hide resolved
...epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/patch-kubeadm-config.yml
Outdated
Show resolved
Hide resolved
...epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/patch-kubeadm-config.yml
Outdated
Show resolved
Hide resolved
...epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/patch-kubeadm-config.yml
Outdated
Show resolved
Hide resolved
...epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/patch-kubeadm-config.yml
Show resolved
Hide resolved
...icli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/upgrade-kubeadm-config.yml
Outdated
Show resolved
Hide resolved
...icli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes/upgrade-kubeadm-config.yml
Outdated
Show resolved
Hide resolved
Co-authored-by: to-bar <46519524+to-bar@users.noreply.github.com>
@seriva it's not over yet. We fixed only one issue so far, it seems that we have at least one more that's causing similar problems. We will produce more PRs, please let us add the entry in the last one when we are sure it's finally fixed. :) |
to-bar
approved these changes
Jul 8, 2020
Why not add line:
and then add next PRs numbers?
and so on:
I think adding line to change log every PR is good practice. |
rafzei
approved these changes
Jul 8, 2020
@to-bar, @rafzei and me discussed this briefly and as it maybe looks nice, we don't really see any benefit from adding it in each PR (extra work). As long as we propely link PRs to issues, there should be no problem in finding what was done at what point. |
rafzei
added a commit
that referenced
this pull request
Aug 13, 2020
* Initialized test status table * Added next sections of test status Refactored status table a bit, added next lines, added next section with descriptions. * Upgrade cluster section filled * All sections filled * Add missing tests * Move CNS proposition design doc to GH. * fixed formatting * Etcd encryption feature refactor for deployment and upgrades (#1427) * kubernetes_master: etcd encryption simplification and refactor * upgrade: refactor of upgrade-kubeadm-config.yml (proper yaml parsing) * upgrade: adding etcd encryption patching procedure * upgrade-master.yml: small coding style improvement (highlight fix) * upgrade: enabling patching of the kubeadm config * fact naming improvements Co-authored-by: to-bar <46519524+to-bar@users.noreply.github.com> * patch-kubeadm-config.yml: skipping unnecessary kubectl apply Co-authored-by: to-bar <46519524+to-bar@users.noreply.github.com> * Bumping AzureCLI to fix SP secrets with special characters. * Added Changelog entry. * Change move to copy build dir during an upgrade (#1429) * Change move to copy build dir during an upgrade * Got rid of unused backup_temp_dir * Update to logging - log piping for stderr. - custom colors for different log levels - mapping some cases of log warnings and errors from Terraform and Ansible * helm documentation #896 * Progress: - simplified piping * Fix K8s upgrade: 'kubeadm upgrade apply' hangs (#1431) * Clean up and optimize K8s upgrades * Patch only kubeadm-config ConfigMap * Downgrade CoreDNS to K8s built-in version before 'kubeadm upgrade apply' * Deploy customized CoreDNS after K8s is upgraded to the latest version * Update changelog * Wait for API resources to propagate * Rename vendor in VSCode recommendations (#1438) Vendor moved owner of mauve.terraform repository to HashiCorp (https://marketplace.visualstudio.com/items?itemName=HashiCorp.terraform) * Fix issue with Vault and Kubernetes Calico/Canal communication (#1434) * Add vault namespace and fixes related to connection issue * Add default policy for default namespace * Remove service endpoint, execute certificate part if enabled, setting protocol correctly in Vault Helm chart * Add possibility to configure manually Vault endpoint * Added changelog. * add howto links for helm doc * Update Changelog for #1438 (#1460) * Update Changelog * Update Changelog - add PR number * bump rabbitmq version from 3.7.10 to 3.8.3 #1395 * Changes in documentation after creating fix for calico and canal (#1459) * Changes after creating fix for calico and canal * Update changelog * Got rid of pipe and grep (#1472) * Assert that current version is upgradeable #1474 (#1476) * Assert that upgrade from current version is supported #1474 * Update core/src/epicli/data/common/ansible/playbooks/roles/upgrade/tasks/kubernetes.yml Co-authored-by: to-bar <46519524+to-bar@users.noreply.github.com> * Add docker_version variable support (#1477) * add docker_version variable support * Docker installation - 2 tasks merged into 1 to speed up the deployment * Remove two useless packages from docker installation Co-authored-by: Grzegorz Dajuk <grzegorz.dajuk@zipzero.com> * Kubernetes HA upgrades (#1456) * epicli/upgrade: reusing existing shared-config + cleanups * upgrade: k8s HA upgrades minimal implementation * upgrade: kubernetes cleanup and refactor * Apply suggestions from code review Co-authored-by: to-bar <46519524+to-bar@users.noreply.github.com> * upgrade: removing unneeded kubeconfig from k8s nodes (security fix) * upgrade: statefulset patching refactor * upgrade: cleanups and refactor for logs * Make deployment manifest tasks more generic * Improve detecting CNI plugin * AnsibleVarsGenerator.py: fixing regression issue introducted during upgrade refactor * Apply suggestions from code review Co-authored-by: to-bar <46519524+to-bar@users.noreply.github.com> * upgrade: statefulset patching refactor - patching all containers (fix) - patching init containers also (fix) - removing include_tasks statements (speedup) * Ensure settings for backward compatibility * Revert "Ensure settings for backward compatibility" This reverts commit 5c9cdb6. * AnsibleInventoryUpgrade.py: merging shared-config with defaults * Adding changelog entry * Revert "AnsibleVarsGenerator.py: fixing regression issue introducted during upgrade refactor" This reverts commit c38eb9d. * Revert "epicli/upgrade: reusing existing shared-config + cleanups" This reverts commit e5957c5. * AnsibleVarsGenerator.py: adding nicer way to handle shared config Co-authored-by: to-bar <46519524+to-bar@users.noreply.github.com> * Fix upgrade of flannel to v0.12.0 (#1484) * Readme and changelog update (#1493) Readme and changelog update * Fixing broken offline CentOS 7.8 installation (#1498) * repository: adding the missing centos-logos package * updating 0.7.1 changelog * repository/centos-7: restoring alphabetical order * Add modularization-approaches.md design document * Kibana config always points its elasticsearch.hosts to a "logging" VM (#1347) (#1483) * Bump elliptic from 6.5.0 to 6.5.3 in /examples/keycloak/implicit/react Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.0 to 6.5.3. - [Release notes](https://github.com/indutny/elliptic/releases) - [Commits](indutny/elliptic@v6.5.0...v6.5.3) Signed-off-by: dependabot[bot] <support@github.com> * Bump elliptic in /examples/keycloak/authorization/react Bumps [elliptic](https://github.com/indutny/elliptic) from 6.5.0 to 6.5.3. - [Release notes](https://github.com/indutny/elliptic/releases) - [Commits](indutny/elliptic@v6.5.0...v6.5.3) Signed-off-by: dependabot[bot] <support@github.com> * Always setting hostname on all nodes of the cluster (on-prem fix) (#1509) * common: always setting hostname on all nodes of the cluster (on-prem fix) * updating 0.7.1 changelog * Workarund restart rabbitmq pods during patching #1395 * add missing changelog entry * Upgrade Kubernetes to v1.18.6 (#1501) * Upgrade k8s-dashboard to v2.0.3 (#1516) * fix due to review * Dashboard unavailability, network fix for Flannel and Canal #1394 (#1519) * additional defaults for kafka config * fixes after review, remove redundant code * Named demo configuration the same as generated one * Added deletion step description * Added a note related to versions for upgrades * Fixed syntax errors * Added prerequisites section in upgrade doc * Added key encoding troubleshooting info * Test fixes for RabbitMQ 3.8.3 (#1533) * fix missing variable image rabbitmq * Add Kubernetes Dashboard to COMPONENTS.md (#1546) * Update CHANGELOG-0.7.md Minor changes to changelog before release. * CHANGELOG-0.7.md update v0.7.1 release date (#1552) * Increment version string to 0.7.1 (#1554) Co-authored-by: Mateusz Kyc <mateusz.kyc@gmail.com> Co-authored-by: Mateusz Kyc <mkyc@users.noreply.github.com> Co-authored-by: Michał Opala <sk4zuzu@gmail.com> Co-authored-by: to-bar <46519524+to-bar@users.noreply.github.com> Co-authored-by: Luuk van Venrooij <luukvanvenrooij84@gmail.com> Co-authored-by: Tomasz Arendt <tomasz.arendt@pl.abb.com> Co-authored-by: Marcin Pyrka <pyrka.marcin@gmail.com> Co-authored-by: erzetpe <erzetpe@gmail.com> Co-authored-by: Luuk van Venrooij <11056665+seriva@users.noreply.github.com> Co-authored-by: ar3ndt <tomasz.arendt@gmail.com> Co-authored-by: Grzegorz Dajuk <grzegorz@dajuk.net> Co-authored-by: Grzegorz Dajuk <grzegorz.dajuk@zipzero.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: TolikT <tolikt@users.noreply.github.com> Co-authored-by: przemyslavic <43173646+przemyslavic@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes issues with long running upgrades completely or partially (it still needs to be determined in a comprehensive testing 👍).