Implement ocp postprocess hostname rename #82
Conversation
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: mresvanis The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
mresvanis
force-pushed
the
mgmt-16426-hostname-ocp-postprocess
branch
2 times, most recently
from
c29dca2 to
54e02b1
Compare
|
/test e2e-aws-ovn-single-node-recert-parallel e2e-aws-ovn-single-node-recert-serial baremetalds-sno-recert-cluster-rename |
|
/test e2e-aws-ovn-single-node-recert-parallel |
mresvanis
force-pushed
the
mgmt-16426-hostname-ocp-postprocess
branch
from
f6a617c to
8dbd414
Compare
| .replace(original_hostname, hostname); | ||
| tokio::spawn(async move { | ||
| async move { | ||
| fs::rename(original_path, new_path)?; |
There was a problem hiding this comment.
we should have a function similar to commit_file so it can be avoided during a dry run
There was a problem hiding this comment.
Of course, I completely neglected the dry run option. I'll try to update this accordingly.
There was a problem hiding this comment.
I didn't add a function like commit_rename because we only need it here, but I can do that if you think it makes sense for the long term. WDYT?
There was a problem hiding this comment.
I prefer a separate function just because I don't want to concern rename code with the concept of dry run
There was a problem hiding this comment.
But I'll just do it separately later as part of a refactor of all the rename code, too much repetition. I'm afraid to touch it right now because we have no IBI/IBU 0-rollout tests, but once we'll do I'll be able to make changes with confidence
There was a problem hiding this comment.
Got it, this makes sense, I'm working on adding the recert hostname change 0-rollout CI job (not IBI/IBU at this point, just recert, but I think until we have an IBI/IBU e2e job, we can already increase our confidence starting with this recert specific job).
mresvanis
force-pushed
the
mgmt-16426-hostname-ocp-postprocess
branch
2 times, most recently
from
cbd5714 to
8dac639
Compare
This change ensures that unnecessary and time-consuming OCP
control-plane component rollouts are skipped. The latter are
triggered by the node's hostname change, which occurs when
applying an IBU seed image onto the target SNO.
Specifically, the changes are:
- add a new recert configuration argument of type string, i.e.
--hostname with which the new hostname is provided
- add a hostname_rename mod, which implements the following changes:
- replace all occurrences of the previous (seed node) hostname in
etcd
- replace all occurrences of the previous (seed node) hostname in the
filesystem
Signed-off-by: Michail Resvanis <[email protected]>
mresvanis
force-pushed
the
mgmt-16426-hostname-ocp-postprocess
branch
from
8dac639 to
792ed73
Compare
|
/test ? |
|
@omertuc: The following commands are available to trigger required jobs:
Use
In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
/test baremetalds-sno-recert-cluster-rename |
|
@mresvanis: The following test failed, say
Full PR test history. Your PR dashboard. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
This failure is typical, ignore |
This change leverages recert's latest OCP post-process hostname feature, which makes OCP's control-plane cluster operators (i.e. etcd, kube-apiserver, kube-controller-manager, kube-scheduler) happy, so that the latter won't trigger additional revisions. Thus reducing the time OCP needs to stabilize after recert. For more details please check here: - rh-ecosystem-edge/recert#82 Signed-off-by: Michail Resvanis <[email protected]>
This change leverages recert's latest OCP post-process hostname feature, which makes OCP's control-plane cluster operators (i.e. etcd, kube-apiserver, kube-controller-manager, kube-scheduler) happy, so that the latter won't trigger additional revisions. Thus reducing the time OCP needs to stabilize after recert. For more details please check here: - rh-ecosystem-edge/recert#82 Signed-off-by: Michail Resvanis <[email protected]>
This change leverages recert's latest OCP post-process hostname feature, which makes OCP's control-plane cluster operators (i.e. etcd, kube-apiserver, kube-controller-manager, kube-scheduler) happy, so that the latter won't trigger additional revisions. Thus reducing the time OCP needs to stabilize after recert. For more details please check here: - rh-ecosystem-edge/recert#82 Signed-off-by: Michail Resvanis <[email protected]>
This PR adds the changes required to the
ocp_postprocessmodule, in order to skip the unnecessary and time-consuming OCP control-plane component rollouts. The latter get triggered by the node'shostnamechange, which occurs when applying an IBU seed image onto the target SNO.The changes are:
string, i.e.--hostnamewith which the newhostnameis providedNODE_IPin the etcd relatedconfigmaps, in addition to thehostname, which is currently done in the filesystem by the LCA post-pivot. It's probably a good idea to do it here, so that we can change it both in etcd and the filesystem. In that sense, this argument could be refactored to--hostname-rename <hostname>:<IP>(?)hostname_renamemod, which implements the following changes:hostnameinetcdsecrets/openshift-etcd/etcd-all-certsand its revisionsoperator.openshift.io/kubeapiservers/clusteroperator.openshift.io/kubecontrollermanagers/clusteroperator.openshift.io/kubeschedulers/clustersecrets/openshift-etcd/etcd-peerand its revisionssecrets/openshift-etcd/etcd-servingsecrets/openshift-etcd/etcd-serving-metricsconfigmaps/openshift-etcd/etcd-podand its revisionsconfigmaps/openshift-etcd/restore-etcd-podconfigmaps/openshift-etcd/etcd-scriptshostnamein the filesystem/etc/kubernetes/static-pod-resources/etcd-*env var names and values of env vars, i.e.s/NODE_<hostname>/NODE_<new-hostname>/g; s/<hostname/<new-hostname>/g/etc/kubernetes/manifests/etcd-*env var names and env var values, i.e.s/NODE_<hostname>/NODE_<new-hostname>/g; s/<hostname>/<new-hostname>/g/etc/kubernetes/static-pod-resources/kube-apiserver-pod-*, i.e.s/--node-name=<hostname>/--node-name=<new-hostname>/g/etc/kubernetes/static-pod-resources/etcd-certs/secrets/etcd-all-certs/*.{crt,key}/etc/kubernetes/static-pod-resources/etcd-member/etcd-all-certs/*.{crt,key}/etc/kubernetes/static-pod-resources/etcd-pod-*/secrets/etcd-all-certs/*.{crt,key}hostnameinetcdkeys and values, that are irrelevant to skipping the control-plane component rollouts but still useful in order to not leave any leftovers when moving to the seed image to the target SNO