Kubernetes refactoring #450
Draft
Commits on Oct 24, 2024
-
-
-
-
-
-
Rename test_utils to testutils
stylecheck reports that modules should not have underscore in their names: rename test_utils to fix this. Rule ST1003. Note that mixed caps are not allowed in module names either.
-
Rename flags_tests to flagstests
stylecheck reports that modules should not have underscore in their names: rename flags_tests to fix this. Rule ST1003. Note that mixed caps are not allowed in module names either.
-
-
-
-
Use testing.T.TempDir instead of home made version
Since the testing module provides a TempDir function, use it in our tests. This also removes a number of errcheck errors about unchecked error in defer.
-
Add a cleaner function return to TempDir()
Returning the function cleaning the temporary folder from its creation function factorizes the removal and removes the missing checks for the os.RemoveAll() error.
-
-
Backup the pgsql data after rsyncing them
During a migration to kubernetes the server is deployed after the rsync to prepare the SSL secrets and PVC. This has the nasty effect to corrupt the synchronized data with a too recent catalog version ID. This would let the DB migration to fail starting the old postgresql server. To workaround this, move the data to the the backup place after the rsync instead of the begining of the db upgrade.
-
Refresh the connection after the k8s migration
After the k8s migration the pod has been started again since the initial connection creation. We need to reset the connection to not search for the old pod name.
-
Wait for 3 hours when running a pod
Some pods require a long time to run. This is the case for the DB upgrade finalization that runs a potentially long reindex.
-
Add deployments reason for helm history
Migration deploys the helm chart multiple times. Identifying which revision corresponds to which step in helm history is hard without a description.
-
Fix the SUSE Manager version inspection before release
During the development process the susemanager-release file appends a string like `Alpha1` to the version. The inspection sed command chokes on this.
-
-
Reorganize the kubernetes SSL CA deployment code for readability
Of of the issuers creation function had two distinct behaviors and this was only generating confusion when reading the whole code. This function has been split and some useless intermediary functions have been merged. This with better function naming should make the SSL setup code more understandable.
-
Ports internal data description refactoring
In the kubernetes world we need to link the ports to services. For now we only have a TCP and an UDP service for server and the same for proxy, but in the short term, we will need more services to allow splitting into multiple pods. This refactoring is preparing this split.
-
-
Refactor the upgrade SanityCheck to not exec in a running container
Running commands in a running container only works if there is a running container and is harder to unit test. In order to help sharing code for Kubernetes, the SanityCheck now gets the existing deployment version with inspecting its image. This also helps adding unit tests for those checks.
-
Use one data structure for install, migrate, upgrade flags
In order to later share code between those 3 very similar commands, we need to share the parameters data structure.
-
Kubernetes migration refactoring
Migration to kubernetes is rather fragile, with: 1. tasks running in `kubectl exec` or as `pod`. 2. the uyuni helm chart being deployed multiple times 3. `hostPath` mounts are used everywhere for the scripts to run and data to read and force the script to run on the cluster node. Here are the solutions to those problems: 1. Each step will run as a Job and those won't be deleted automatically for the user to access their logs after. 2. Stop using the helm chart and deploy the resources when we need them. This will allow more control of what runs when and reduces the number of useless starts of the giant container. Postgresql DB upgrade will disable SSL temporarily in the postgresql.conf in order to not rely on the SSL certificates to be migrated. 3. The scripts to run for each step will be passed directly as `sh -c` parameter to the generated Jobs. The migration data are be stored in a special volume and not on the host. As a collateral, SSH agent can no longer be used as that would require running on a cluster node again. At the moment the user is required to create a ConfigMap to stored the SSH config and known_hosts and a Secret for a passwordless SSH key. The PersistentVolumes are not destroyed after the end of the first job and are then reused by the next ones and the final deployment. Using Kubernetes API modules also helps for code reuse with a future operator. However for this `kubectl` should be dropped completely in favor of the official go client, but that could come in a future PR. As a side effect kubernetes interactions would be easier to mock for unit tests. Note that the old postgresql database cannot be moved to a separate PersistentVolumes. As we run a `db_upgrade --link`, the old database is linked by the new one and cannot be disposed of. -
-
Remove all server resources without relying on the helm chart.
-
Move the RunSetup function to shared
In order to share the same code for installation, migration and upgrade the RunSetup() function needs to move to the shared utils module.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.