-
Notifications
You must be signed in to change notification settings - Fork 209
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[design] Integration with Fedora CoreOS auto-updates (Zincati strategy) #216
Comments
@lucab Look at https://github.com/poseidon/fleetlock ( few prom metrics, no notificiations ) |
@lukasmrtvy thanks for the pointer, I'm aware of that project. For context, I'm not looking into alternative solutions for "how to orchestrate Fedora CoreOS cluster-reboots". |
@lucab ah, thanks. Maybe would be better to catch devs on Slack (https://slack.weave.works) #kured |
This issue was automatically considered stale due to lack of activity. Please update it and/or join our slack channels to promote it, before it automatically closes (in 7 days). |
@lucab That was a great initiative, were you able to properly use kured with zincati to auto-upgrade Kube nodes? |
@mysticaltech not really, there didn't seem to be much interest in writing down the requirements for a clear interfaces between the two pieces. |
Thank you @lucab, good to know that's still an option! 🙏 If curious, please have a look how Kubic supports kured: https://en.opensuse.org/Kubic:Update_and_Reboot#Kubernetes_Reboot_Daemon https://github.com/openSUSE/transactional-update/blob/master/sbin/transactional-update.in#L323 |
By design, the "touch a file and let kured reboot" approach does not work in this case. A random reboot (either triggered by kured, or by an external event like a power loss or a cloud-maintenance-forced-reboot) does not result in any spurious upgrade being applied. For all the details, see my initial comment. |
Ah, but the reboot needs to be done by Zincati itself "finalize-and-reboot" as mentioned above, so it won't work in the current form! Basically, you just need Kured to do the draining and inform Zincati when it can reboot. |
So the good news @lucab is that Kured does have a
What do you think? |
Yes, something like that. |
Sounds good! Though the terminology is a little over my head as I am new to CoreOS. Maybe "touching" respective empty files, could be enough to pass the info without worrying about namespaces and permissions.
That would likely definitely work if coreos/zincati#540 is implemented. |
This ticket may or may not be a subset of #122.
I'd like to explore the design space to see how
kured
and Fedora CoreOS (FCOS) auto-updates could be plugged together. In particular, I'd like to seekured
as the in-cluster reboot coordinator directing the local update-agent (Zincati) on each node. This possibly requires some enhancements on both sides, and I'll be happy to drive the changes on FCOS side.Zincati core logic implements a finite-state machine: https://github.com/coreos/zincati/blob/v0.0.13/docs/images/zincati-fsm.png
One key point here is that an update is first staged, and only later explicitly finalized (with a reboot) based on the locally configured update strategy. This means that a random reboot (i.e. not triggered by Zincati) will not apply a staged update.
It currently offers a few upgrade strategies: https://coreos.github.io/zincati/usage/updates-strategy/
One option here could be kured to implement the FleetLock protocol, and point Zincati at it.
Another option could be that a new strategy is added to Zincati to signal the staged update with a file compatible with
--reboot-sentinel
, and then kured reboot logic is made configurable to write a file (allowing Zincati to finalize the update) instead of rebooting.The text was updated successfully, but these errors were encountered: