controlplane: minimum version negotiation/consensus #272
Assignees
Labels
c/cluster
Cluster management and identity (decoupled from k8s)
c/k8s
Kubernetes component
enhancement
New feature or request
Comments
lorenz
added
enhancement
|
The immediate production need was addressed using Jan's new reconciler. Removing from milestone, CC @lorenz for the follow-up architecture. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
For updating cleanly we need a system which tracks the minimum version of either the entire control plane or certain control plane components.
For example for K8s 1.25+ we need to remove the builtin PSP RBAC policies as well as bindings. This should however only be done once all control plane nodes are updated to 1.25+. Afterwards we need to make sure that every new control plane role assignment is gated on the node having at minimum the given version.
A similar thing should probably be done for the worker nodes (but there it is much less critical).
/cc @q3k as you probably have opinions on this
The text was updated successfully, but these errors were encountered: