Migrate to using custom resource to store etcd snapshot metadata

[brandond]

Proposed Changes

Add ADR and implementation for etcd snapshot CRD migration.

Types of Changes

ADR, bugfix, reimplementation

Verification

Run full snapshot create / delete / prune tests; confirm that all function normally and snapshot CRs, configmaps, and CLI output stay in sync

Testing

n/a

Linked Issues

• k3s-etcd-snapshots configmap grows too large when snapshot retention is high #8611
• [BUG] rke2-etcd-snapshots configmap grows too large when snapshot retention is high rancher/rke2#4495

User-Facing Change

Further Comments

[manuelbuil]

Thanks for writing this up Brad. I have two (stupid?) questions:

1 - Will this impact how rke2 is doing snapshots too?
2 - IIRC, snapshots are stored in /var/lib/rancher/k3s/server/db/snapshots, right? So, what the configmap stores is information about the snapshots stored in the filesystem, right?

[brandond]

@manuelbuil

1 - Will this impact how rke2 is doing snapshots too?

Yes, this code manages snapshots for both products.

2 - IIRC, snapshots are stored in /var/lib/rancher/k3s/server/db/snapshots, right? So, what the configmap stores is information about the snapshots stored in the filesystem, right?

Yes, and the snapshots stored in s3.

[cwayne18]

@Oats87 I know we talked this over in design, but it would be good to get sign-off from the v2prov side to make sure y'all are in agreement with whatever we decide to do here

[brandond]

I have a couple changes to make based on what was discussed in the call. This includes:

• Storing metadata alongside the snapshots both on disk and in s3 so that it doesn't only live in the snapshot list
• Use of kube-system namespace UID as cluster ID (to prevent listing/pruning of snapshots from different clusters in the same bucket)

[codecov]

Codecov Report

Attention: 932 lines in your changes are missing coverage. Please review.

Comparison is base (7d38b4a) 47.05% compared to head (4854dbf) 50.66%.

❗ Current head 4854dbf differs from pull request most recent head 174ff79. Consider uploading reports for the commit 174ff79 to get more accurate results

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #8064      +/-   ##
==========================================
+ Coverage   47.05%   50.66%   +3.60%     
==========================================
  Files         144      147       +3     
  Lines       14964    15611     +647     
==========================================
+ Hits         7042     7909     +867     
+ Misses       6809     6453     -356     
- Partials     1113     1249     +136     

Flag	Coverage Δ
e2etests	47.23% <10.25%> (?)
inttests	44.01% <39.27%> (-0.42%)	⬇️
unittests	17.94% <0.27%> (-1.62%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files	Coverage Δ
pkg/agent/config/config.go	52.59% <ø> (+3.39%)	⬆️
pkg/agent/containerd/containerd.go	20.39% <ø> (ø)
pkg/apis/k3s.cattle.io/v1/zz_generated_register.go	69.23% <100.00%> (+5.59%)	⬆️
pkg/cli/agent/agent.go	26.22% <ø> (+26.22%)	⬆️
pkg/cli/server/server.go	62.33% <ø> (+2.20%)	⬆️
pkg/cloudprovider/cloudprovider.go	65.33% <ø> (ø)
pkg/cloudprovider/servicelb.go	62.21% <ø> (+0.20%)	⬆️
pkg/cluster/address_controller.go	84.21% <ø> (ø)
pkg/cluster/bootstrap.go	48.74% <100.00%> (+11.38%)	⬆️
pkg/cluster/encrypt.go	42.85% <100.00%> (-4.97%)	⬇️
... and 30 more

... and 24 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[cwayne18]

cc @jakefhyde @Oats87 for any RM-related review

[brandond]

Moving to draft, this is still work in progress

[briandowns]

Provisional approval pending CI.

[brandond]

S390x is having issues and we do not have an ETA for restoration; all other tests are green. merging