✨ Add KCP feature to clusterctl alpha rollout

[tobiasgiese]

Signed-off-by: Tobias Giese tobias.giese@mercedes-benz.com

What this PR does / why we need it:

This PR implements the sub-commands rollout, pause and resume for clusterctl alpha rollout

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Part of #3439 (replaces #6857)

[tobiasgiese]

/retest

tests were successful on Prow

[tobiasgiese]

/test pull-cluster-api-e2e-informing-main

flaky CC test

[tobiasgiese]

Another idea to handle issues regarding different timezones or async local times: we could use for rolloutAfter the creation timestamp + a few seconds of the most recent control plane machine. In this case the rolling update should start in any case.

CAPI is checking if the machines creation timestamp is before rolloutAfter and rolloutAfter is before the reconciliation time.

cluster-api/util/collections/machine_filters.go

Line 176 in 03f62b1

return machine.CreationTimestamp.Before(rolloutAfter) && rolloutAfter.Before(reconciliationTime)

[tobiasgiese]

Regarding #6858 (comment)

AFAIK kubectl rollout restart has no rolloutAfter alike field. I think that the rollout will be performed immediately.

[tobiasgiese]

And btw, e.g. Deployment has also a restartedAt field like our MachineDeployment.

❯ kk rollout restart deploy coredns
deployment.apps/coredns restarted
❯ kk get deploy coredns -oyaml | grep restartedAt
        kubectl.kubernetes.io/restartedAt: "2022-07-18T12:09:53+02:00"

Same for Statefulsets

❯ kk rollout restart sts csi-resizer-cinder
statefulset.apps/csi-resizer-cinder restarted
❯ kk get sts csi-resizer-cinder -oyaml | grep restartedAt
        kubectl.kubernetes.io/restartedAt: "2022-07-18T12:11:06+02:00"

[chrischdi]

Thanks for this PR :-)

All in all it looks pretty good, only some nits :-)
Still want to / have to play around with it.

[chrischdi]

One question: Does making use of RolloutAfter limit the functionality for RolloutAfter.

E.g. a user may have already set RolloutAfter to a timestamp in the future (e.g. to enforce recreation of the control plane to renew certificates).

So what would happen if RolloutAfter is already set (and because of that we should not overwrite it?)

Edit: so I currently think we should not make use of RolloutAfter for clusterctl alpha rollout.

[tobiasgiese]

One question: Does making use of RolloutAfter limit the functionality for RolloutAfter.

AFAIK the RolloutAfter value will be overriden. Maybe we have to change the update behavior of the KCP? E.g., make use of the cluster.x-k8s.io/restartedAt for the KCP as well. In this case we can leave the RolloutAfter exclusively for the actual use case. This would also fit to #7053.

[sbueringer]

cc @ykakarap

[ykakarap]

This looks interesting to me. I will take a look a this.

[sbueringer]

/retest

[ykakarap]

/lgtm

[vincepri]

/approve
/hold
for @fabriziopandini's review

Great work thank you!

[tobiasgiese]

/hold cancel

[tobiasgiese]

/hold

sorry, overlooked your hold Vince

[tobiasgiese]

Will solve the merge conflict after the review from @fabriziopandini

[fabriziopandini]

Only one question, otherwise lgtm

[fabriziopandini]

q for my understanding, why are there such changes in hack/tools/go.mod? this sems unrelated to the other changes in this PR

[tobiasgiese]

I am also not sure why these changes are in the PR. But go mod tidy and the Prow job want this change.

IIRC we found out why these changes happen @chrischdi, right? Do you still know why?

[sbueringer]

hack/tools/tilt-prepare uses "sigs.k8s.io/cluster-api/cmd/clusterct/*"

"sigs.k8s.io/cluster-api/cmd/clusterct/*" now uses "sigs.k8s.io/cluster-api/controlplane/kubeadm/api/v1beta1" (for the KubeadmControlPlane type)

"sigs.k8s.io/cluster-api/controlplane/kubeadm/api/v1beta1" uses "github.com/coredns/corefile-migration" (for the KCP webhook)

"github.com/coredns/corefile-migration" uses "github.com/coredns/caddy" (internally)

[chrischdi]

I came to the same conclusion as stefan 🏆

[sbueringer]

@tobiasgiese Can you please rebase the PR? I would merge then

[tobiasgiese]

@tobiasgiese Can you please rebase the PR? I would merge then

Done, thank you 👍🏻

[sbueringer]

Thank you very much!! (especially for the patience :))

/lgtm
/approve

[k8s-ci-robot]

LGTM label has been added.

Git tree hash: fad73e5eb2d6bfa576ff62c98f846f5987bce042

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: sbueringer, vincepri

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [sbueringer,vincepri]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[tobiasgiese]

/hold cancel

[fabriziopandini]

thanks for pushing this over the line @tobiasgiese!