Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix erroneous microk8s join invocations by adding validation #4397

Merged
merged 1 commit into from
Feb 27, 2024

Conversation

skatsaounis
Copy link
Contributor

@skatsaounis skatsaounis commented Feb 6, 2024

Summary

Add validation to microk8s join connection string to avoid wrong usage that may lead to propagating errors to microk8s state.

Closes #4396

Changes

The validation of the connection string checks:

  • The format of the string
  • The validity of master IP
  • The validity of master PORT
  • The lengths of token and fingerprint

Testing

Possible Regressions

Checklist

  • Read the contributions page.
  • Submitted the CLA form, if you are a first time contributor.
  • The introduced changes are covered by unit and/or integration tests.

Notes

@bschimke95 bschimke95 self-requested a review February 27, 2024 09:38
Copy link
Contributor

@bschimke95 bschimke95 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@skatsaounis Thanks for your contribution!

@bschimke95 bschimke95 merged commit 3488ddd into canonical:master Feb 27, 2024
14 checks passed
@skatsaounis skatsaounis deleted the add-join-validation branch February 27, 2024 14:24
shayancanonical referenced this pull request in canonical/mysql-router-k8s-operator Aug 30, 2024
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [canonical/microk8s](https://github.com/canonical/microk8s) | minor
| `1.28` -> `1.31` |

---

### Release Notes

<details>
<summary>canonical/microk8s (canonical/microk8s)</summary>

###
[`v1.31`](https://github.com/canonical/microk8s/releases/tag/v1.31):
MicroK8s 1.31 released!

[Compare
Source](https://github.com/canonical/microk8s/compare/v1.30...v1.31)

#### In this release

##### Kubernetes 1.31

Read more at
https://kubernetes.io/blog/2024/08/13/kubernetes-v1-31-release/

##### Dqlite efficiency

We spent a lot of effort in improving the efficiency of the default
datastore, [dqlite](https://github.com/canonical/k8s-dqlite). You will
find improvements in the performance of concurrent queries and open
telemetry integration.

##### Important updates

-   helm upgrade to v3.14.4
-   cert-manager to v1.14.5
-   cilium to v1.15.2
-   gopaddle to v5.0
-   falco to v4.5.1
-   cloudnative pg to v1.23.3

##### Many thanks to our contributors

-   [@&#8203;TecIntelli](https://github.com/TecIntelli)
-   [@&#8203;jasonumiker](https://github.com/jasonumiker)
- [@&#8203;Gayathri-Bluemeric](https://github.com/Gayathri-Bluemeric)
-   [@&#8203;DLDClodio](https://github.com/DLDClodio)
-   [@&#8203;stalb](https://github.com/stalb)
-   [@&#8203;alphayax](https://github.com/alphayax)
-   [@&#8203;o0th](https://github.com/o0th)
-   [@&#8203;ShrishtiKarkera](https://github.com/ShrishtiKarkera)

###
[`v1.30`](https://github.com/canonical/microk8s/releases/tag/v1.30):
MicroK8s 1.30 released!

[Compare
Source](https://github.com/canonical/microk8s/compare/v1.29...v1.30)

#### Featured in this release

##### Kubernetes 1.30 obviously

Read more at
https://kubernetes.io/blog/2024/04/17/kubernetes-v1-30-release/

##### Dqlite stability

With the help of [@&#8203;miro-balaz](https://github.com/miro-balaz)
we identified and patched a few issued that improve the reliability of
our default datastore in resource limiting environments.

##### Important updates

Most notably

-   containerd to v1.6.28 and runc to v.1.1.12
-   gpu-operator to v23.9.1

##### New addon

- Stunner by [@&#8203;smeng9](https://github.com/smeng9), a Kubernetes
media gateway for WebRTC

#### In detail

##### What's changed in detail

- Do not set --hostname-override on kube-proxy when joining a cluster by
[@&#8203;neoaggelos](https://github.com/neoaggelos) in
[https://github.com/canonical/microk8s/pull/4360](https://github.com/canonical/microk8s/pull/4360)
- Use build-snaps instead of manually installing the go snap by
[@&#8203;IsaacJT](https://github.com/IsaacJT) in
[https://github.com/canonical/microk8s/pull/4377](https://github.com/canonical/microk8s/pull/4377)
- Bump containerd to v1.6.28 and runc to v.1.1.12 by
[@&#8203;louiseschmidtgen](https://github.com/louiseschmidtgen) in
[https://github.com/canonical/microk8s/pull/4398](https://github.com/canonical/microk8s/pull/4398)
- Fix erroneous microk8s join invocations by adding validation by
[@&#8203;skatsaounis](https://github.com/skatsaounis) in
[https://github.com/canonical/microk8s/pull/4397](https://github.com/canonical/microk8s/pull/4397)

##### External contributors

- [@&#8203;IsaacJT](https://github.com/IsaacJT) made their first
contribution in
[https://github.com/canonical/microk8s/pull/4377](https://github.com/canonical/microk8s/pull/4377)
- [@&#8203;skatsaounis](https://github.com/skatsaounis) made their
first contribution in
[https://github.com/canonical/microk8s/pull/4397](https://github.com/canonical/microk8s/pull/4397)
- [@&#8203;miro-balaz](https://github.com/miro-balaz) rewrote the
dqlite list query
[https://github.com/canonical/k8s-dqlite/pull/83](https://github.com/canonical/k8s-dqlite/pull/83)
- [@&#8203;smeng9](https://github.com/smeng9) contributed a new addon
Stunner
[https://github.com/canonical/microk8s-community-addons/pull/223](https://github.com/canonical/microk8s-community-addons/pull/223)
- [@&#8203;udit-uniyal](https://github.com/udit-uniyal) addressed
KubeArmor installation issue
[https://github.com/canonical/microk8s-community-addons/pull/216](https://github.com/canonical/microk8s-community-addons/pull/216)

###
[`v1.29`](https://github.com/canonical/microk8s/releases/tag/v1.29):
MicroK8s v1.29 released!

[Compare
Source](https://github.com/canonical/microk8s/compare/v1.28...v1.29)

#### Featured in this release

##### "Quality of life" improvements

A lot of effort has gone into the datastore, DQlite. In this release we
introduced the following improvements:

- DQlite node role reassignment in case of failure domain availability
changes
-   Optional admission control to ensure performance
-   Handling the out-of-disk-space cases
- Performance improvements related to static linking of DQlite and SQL
query preparation

##### New addons by our partners and community members

- Falco: the cloud-native security tool that employs custom rules on
kernel events to provide real-time alerts
- CloudNative PG Operator: Leveraging cloud native Postgres for
Kubernetes adds speed, efficiency and protection for your infrastructure
modernization
- ngrok: Ingress Controller instantly adds connectivity, load balancing,
authentication, and observability to your services

#### Detail list of updates since last release

##### Kubernetes core services

-   Kubernetes 1.29

##### Usability Improvements

-   Improved messaging in joining nodes
- Fix the default IP shown in ‘microk8s add-node’ output when using FRR
(thanks [@&#8203;nihr23](https://github.com/nihr43))
- Improve connectivity check in installers, thank you
[@&#8203;smithyuk](https://github.com/smithyuk)
-   Handle out of low disk capacity on dqlite nodes
-   Admission control to protect from dqlite performance degradation
-   Failure domain control plain datastore rebalance
- Memory argument warning in installer, thank you
[@&#8203;eddiesimeon](https://github.com/eddiesimeon)

##### Addon updates

-   New addon: nvidia, allows for enabling the gpu and network operators
- New addon: Falco v3.7.1, thank you
[@&#8203;jasonumiker](https://github.com/jasonumiker)
- New addon: CloudNativePG, thank you
[@&#8203;sxd](https://github.com/sxd)
- New addon: ngrok, thank you
[@&#8203;russorat](https://github.com/russorat)
- Added default-class option to hostpath-storage, thank you
[@&#8203;overtfuture](https://github.com/overtfuture)
- Upgraded sosivio to v1.7.1, thank you
[@&#8203;DanArlowski](https://github.com/DanArlowski)
- Upgrade linkerd to v2.14.3, thank you
[@&#8203;balchua](https://github.com/balchua)
- Upgraded KWasm operator to version v0.3.0, thank you
[@&#8203;0xE282B0](https://github.com/0xE282B0)
- Upgrade keda to v2.12.0, thank you
[@&#8203;balchua](https://github.com/balchua)
-   Upgraded hostpath-storage to v1.5.0
- Upgraded MICROCKS to v1.8.0, thank you
[@&#8203;yada](https://github.com/yada)
- hostpath-storage option not to be set as the default storage class,
courtesy of [@&#8203;overtfuture](https://github.com/overtfuture)
-   Removed ondat addon from the community repository

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "after 1am and before 3am every
weekday" in timezone Etc/UTC, Automerge - At any time (no schedule
defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/canonical/mysql-router-k8s-operator).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC41Ni4wIiwidXBkYXRlZEluVmVyIjoiMzguNTYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

join command with hostname misconfigures dqlite and puts it in error state
2 participants