Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow upgrades on azure without Terraform changes on LBs created from within Kubernetes #3257

Merged
merged 6 commits into from
Oct 9, 2024
Merged

Allow upgrades on azure without Terraform changes on LBs created from within Kubernetes #3257

merged 6 commits into from
Oct 9, 2024

Conversation

3u13r
Copy link
Member

@3u13r 3u13r commented Jul 16, 2024
edited
Loading

Context

Proposed change(s)

  • Remove worker nodes from any existing load balancer backend, since any VM NIC can only be attached to one backend group. Also the worker backends were unused anyway.
  • Let the cloud-controller-manager create a separate "kubernetes-lb" to create LBs for Kubernetes services.
  • Don't inline (most) of the network security rules
    • Sadly, we cannot fix the upgrade process in one go, as we need 2 state changes on the same resource. So the upgrade to this release still removes the network security rules added by the cloud controller manager, but which should heal itself in the upgrade process one it's restarted. After we execute the instructions mentioned in the TODO, there will finally be no terraform changes after "constellation create" -> "create LB svc" -> "terraform plan".

Azure, snp, 1:2, lb: https://github.com/edgelesssys/constellation/actions/runs/11220341955
Azure, snp, 1:2, upgrade: https://github.com/edgelesssys/constellation/actions/runs/11220359763

Checklist

  • Run the E2E tests that are relevant to this PR's changes
  • Add labels (e.g., for changelog category)
  • Is PR title adequate for changelog?
  • Link to Milestone

@3u13r 3u13r added the bug fix Fixing a bug label Jul 16, 2024
@3u13r 3u13r added this to the v2.18.0 milestone Jul 16, 2024
@netlify Netlify
Copy link

netlify bot commented Jul 16, 2024
edited
Loading

Deploy Preview for constellation-docs ready!

Name Link
🔨 Latest commit cf686d6
🔍 Latest deploy log https://app.netlify.com/sites/constellation-docs/deploys/670646ae7541700008a40e23
😎 Deploy Preview https://deploy-preview-3257--constellation-docs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

@3u13r 3u13r force-pushed the fix/azure/upgrade-lb-terraform-issue branch 4 times, most recently from 4d13479 to 6ed8523 Compare July 21, 2024 21:11
@3u13r 3u13r changed the title k8s: use separate lb for K8s services on azure Allow upgrades on azure without Terraform changes on LBs created from within Kubernetes Jul 21, 2024
@3u13r 3u13r force-pushed the fix/azure/upgrade-lb-terraform-issue branch 6 times, most recently from 12c040e to 5b950e5 Compare July 22, 2024 01:41
@3u13r 3u13r added the no changelog Change won't be listed in release changelog label Jul 22, 2024
@3u13r 3u13r marked this pull request as ready for review July 22, 2024 01:53
@3u13r 3u13r requested a review from derpsteb as a code owner July 22, 2024 01:53
@3u13r 3u13r requested review from burgerdev, msanft and daniel-weisse and removed request for derpsteb July 22, 2024 01:53
@3u13r 3u13r marked this pull request as draft July 22, 2024 02:16
burgerdev
burgerdev reviewed Jul 22, 2024
View reviewed changes
terraform/infrastructure/azure/main.tf Outdated Show resolved Hide resolved
terraform/infrastructure/azure/main.tf Outdated Show resolved Hide resolved
terraform/infrastructure/azure/main.tf Show resolved Hide resolved
@3u13r 3u13r mentioned this pull request Jul 23, 2024
Merged
3 tasks
@burgerdev burgerdev modified the milestones: v2.18.0, v2.19.0 Sep 9, 2024
@3u13r 3u13r force-pushed the fix/azure/upgrade-lb-terraform-issue branch 4 times, most recently from 7d586f1 to 69d6383 Compare October 7, 2024 15:44
@3u13r 3u13r force-pushed the fix/azure/upgrade-lb-terraform-issue branch 2 times, most recently from e18819c to e804d9a Compare October 7, 2024 16:38
@3u13r 3u13r force-pushed the fix/azure/upgrade-lb-terraform-issue branch from e804d9a to abd03b2 Compare October 7, 2024 21:13
@3u13r 3u13r marked this pull request as ready for review October 7, 2024 21:22
@3u13r 3u13r requested a review from thomasten as a code owner October 7, 2024 21:22
burgerdev
burgerdev approved these changes Oct 8, 2024
View reviewed changes
docs/docs/reference/migration.md Outdated Show resolved Hide resolved
docs/docs/reference/migration.md Outdated Show resolved Hide resolved
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Oct 9, 2024

Coverage report

Package Old New Trend
internal/constellation/helm 34.50% 34.50% 🚧

@3u13r 3u13r merged commit 2854136 into main Oct 9, 2024
12 checks passed
@3u13r 3u13r deleted the fix/azure/upgrade-lb-terraform-issue branch October 9, 2024 09:31
@elchead elchead mentioned this pull request Oct 22, 2024
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@daniel-weisse daniel-weisse daniel-weisse approved these changes

@thomasten thomasten thomasten approved these changes

@burgerdev burgerdev burgerdev approved these changes

@msanft msanft Awaiting requested review from msanft

Assignees
No one assigned
Labels
bug fix Fixing a bug no changelog Change won't be listed in release changelog
Projects
None yet
Milestone
v2.19.0
Development

Successfully merging this pull request may close these issues.
4 participants
@3u13r @burgerdev @thomasten @daniel-weisse