From bb30c2261264e50572b0258489491276f83a27c6 Mon Sep 17 00:00:00 2001 From: to-bar <46519524+to-bar@users.noreply.github.com> Date: Tue, 13 Jul 2021 09:37:42 +0200 Subject: [PATCH] Restart CoreDNS conditionally (#2417) * Restart CoreDNS conditionally * Update changelog --- CHANGELOG-1.2.md | 1 + .../playbooks/roles/common/tasks/main.yml | 10 +++++ .../roles/kubernetes_master/defaults/main.yml | 5 ++- .../tasks/deployments/deploy-file.yml | 4 +- .../tasks/deployments/deploy-template.yml | 4 +- .../kubernetes_master/tasks/master-init.yml | 5 +-- .../kubernetes_master/tasks/patch-coredns.yml | 9 ++++ .../tasks/restart-coredns.yml | 42 +++++++++++++++++++ 8 files changed, 72 insertions(+), 8 deletions(-) create mode 100644 core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/restart-coredns.yml diff --git a/CHANGELOG-1.2.md b/CHANGELOG-1.2.md index f9f741c86a..1a5c1db10b 100644 --- a/CHANGELOG-1.2.md +++ b/CHANGELOG-1.2.md @@ -5,6 +5,7 @@ ### Added - [#2127](https://github.com/epiphany-platform/epiphany/issues/2127) - Allow to specify configuration to be used in upgrade mode +- [#2397](https://github.com/epiphany-platform/epiphany/issues/2397) - Restart CoreDNS pods conditionally ### Fixed diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/main.yml b/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/main.yml index f920de7f25..60ecfb7357 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/main.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/main.yml @@ -122,3 +122,13 @@ - name: Include logrotate configuration tasks include_tasks: configure-logrotate.yml + +- name: Create Epiphany directories + file: + path: "{{ item.path }}" + state: directory + mode: "{{ item.mode | default('u=rwx,go=rx') }}" + owner: root + group: root + loop: + - { path: /var/lib/epiphany } 
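Review bot: The new `Create Epiphany directories` task in roles/common/tasks/main.yml has no comment saying what `/var/lib/epiphany` is for or why it is root-owned, and the same literal path is repeated in patch-coredns.yml and restart-coredns.yml later in this patch. The directory holds the baseline file that decides whether CoreDNS is restarted, so `owner: root` with `go=rx` matters: only root should be able to change that file. I would add above the task `# State kept between runs (e.g. the CoreDNS known-hosts copy); root-owned so only root can change the baseline`. The hunk shows no `become: true` on this task, unlike the directory task in deploy-file.yml; presumably the play sets it, but that is worth confirming.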
diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/defaults/main.yml b/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/defaults/main.yml index a0db55c55d..39b2244a7e 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/defaults/main.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/defaults/main.yml @@ -5,7 +5,7 @@ cni_plugin_vars: canal: k8s-app=canal flannel: app=flannel -epiphany_manifests_dir: /etc/epiphany/manifests +epiphany_k8s_manifests_dir: /etc/epiphany/manifests # The default values below were chosen as a compromise between node stability when available resources are low # and utilization (costs) to support even SMALL size VMs and may need to be adjusted depending on your environment. @@ -24,3 +24,6 @@ kubelet_custom_config: systemReserved: cpu: 50m memory: 768Mi # based on RedHat 7.5 on Standard_DS1_v2 Azure VM with =~ 30 pods + +coredns_vars: + known_hosts_file_name: coredns-known-hosts diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/deployments/deploy-file.yml b/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/deployments/deploy-file.yml index 8709ba0755..19b3c80e29 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/deployments/deploy-file.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/deployments/deploy-file.yml @@ -4,7 +4,7 @@ - name: Ensure that directory for files exists become: true file: - path: "{{ epiphany_manifests_dir }}" + path: "{{ epiphany_k8s_manifests_dir }}" state: directory owner: root group: root @@ -12,7 +12,7 @@ - name: Upload and apply file vars: - dest_path: "{{ epiphany_manifests_dir }}/{{ file_name | basename }}" + dest_path: "{{ epiphany_k8s_manifests_dir }}/{{ file_name | basename }}" block: - name: Upload {{ file_name }} file become: true 
diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/deployments/deploy-template.yml b/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/deployments/deploy-template.yml index efa3416e25..e7efd62410 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/deployments/deploy-template.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/deployments/deploy-template.yml @@ -4,7 +4,7 @@ - name: Ensure that directory for files exists become: true file: - path: "{{ epiphany_manifests_dir }}" + path: "{{ epiphany_k8s_manifests_dir }}" state: directory owner: root group: root @@ -12,7 +12,7 @@ - name: Upload and apply template vars: - dest_path: "{{ epiphany_manifests_dir }}/{{ file_name | basename | regex_replace('\\.j2$') }}" + dest_path: "{{ epiphany_k8s_manifests_dir }}/{{ file_name | basename | regex_replace('\\.j2$') }}" block: - name: Upload {{ file_name }} file become: true diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/master-init.yml b/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/master-init.yml index c34eec21eb..108456d258 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/master-init.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/master-init.yml @@ -70,9 +70,8 @@ - name: Patch CoreDNS include_tasks: patch-coredns.yml -# TODO: Restart conditionally (only when /etc/hosts was updated) or check whether newer CoreDNS would solve issue #2345 -- name: Restart CoreDNS pods - command: kubectl rollout restart deployment coredns --namespace kube-system +- name: Restart CoreDNS + include_tasks: restart-coredns.yml - name: Apply Kubernetes Dashboard include_tasks: apply-dashboard.yml 
diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/patch-coredns.yml b/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/patch-coredns.yml index c45ba09be8..33b000fcf9 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/patch-coredns.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/patch-coredns.yml @@ -19,3 +19,12 @@ patch: content: "{{ coredns_deployment_patch | to_json }}" type: strategic + +# When CoreDNS is patched, pods are restarted so there is no need to run 'Restart CoreDNS pods' task +- name: Copy /etc/hosts to /var/lib/epiphany/{{ coredns_vars.known_hosts_file_name }} + copy: + src: /etc/hosts + dest: /var/lib/epiphany/{{ coredns_vars.known_hosts_file_name }} + remote_src: yes + mode: preserve + when: kubectl_patch.changed diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/restart-coredns.yml b/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/restart-coredns.yml new file mode 100644 index 0000000000..c4ed43c784 --- /dev/null +++ b/core/src/epicli/data/common/ansible/playbooks/roles/kubernetes_master/tasks/restart-coredns.yml 
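Review bot: The comment above the new copy task in patch-coredns.yml says the restart task is not needed after a patch, but it does not say how that task gets skipped: master-init.yml still includes restart-coredns.yml unconditionally, and the skip happens only because this copy makes the baseline identical to `/etc/hosts`. I would spell that out, e.g. `# Patching already restarts the pods; recording /etc/hosts here makes restart-coredns.yml find no difference and skip its restart`. `kubectl_patch` is registered outside this hunk, so whether `.changed` is reliable there cannot be checked from here. As a style point, `remote_src: yes` would read `remote_src: true` for consistency with the `false` values used in restart-coredns.yml, and the same copy task is repeated verbatim at the end of that file.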
@@ -0,0 +1,42 @@
+---
+- name: Check if CoreDNS known hosts file exists
+ stat:
+ path: /var/lib/epiphany/{{ coredns_vars.known_hosts_file_name }}
+ get_attributes: false
+ get_checksum: false
+ get_mime: false
+ register: stat_coredns_known_hosts
+
+- name: Compare hosts files
+ when: stat_coredns_known_hosts.stat.exists
+ block:
+ - name: Slurp CoreDNS known hosts file
+ slurp:
+ src: /var/lib/epiphany/{{ coredns_vars.known_hosts_file_name }}
+ register: slurp_coredns_known_hosts
+
+ - name: Slurp /etc/hosts
+ slurp:
+ src: /etc/hosts
+ register: slurp_etc_hosts
+
+ - name: Check if hosts files differ
+ set_fact:
+ hosts_files_differ: >-
+ {{ etc_hosts_lines | symmetric_difference(coredns_known_hosts_lines) | count > 0 }}
+ vars:
+ etc_hosts_lines: "{{ (slurp_etc_hosts.content | b64decode).split('\n') }}"
+ coredns_known_hosts_lines: "{{ (slurp_coredns_known_hosts.content | b64decode).split('\n') }}"
+
+- name: Restart CoreDNS pods
+ command: kubectl rollout restart deployment coredns --namespace kube-system
+ register: restart_coredns_deployment
+ when: not stat_coredns_known_hosts.stat.exists or hosts_files_differ
+
+- name: Copy /etc/hosts to /var/lib/epiphany/{{ coredns_vars.known_hosts_file_name }}
+ copy:
+ src: /etc/hosts
+ dest: /var/lib/epiphany/{{ coredns_vars.known_hosts_file_name }}
+ remote_src: yes
+ mode: preserve
+ when: restart_coredns_deployment.changed
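Review bot: The final copy task in restart-coredns.yml records `/etc/hosts` as the new baseline as soon as `kubectl rollout restart` returns, but that command only triggers the rollout and does not wait for it. If the rollout later stalls, the baseline is already updated, so the next run finds no difference and skips the restart, leaving pods on stale host entries. I would add a task between the two, `- name: Wait for CoreDNS rollout` with `command: kubectl rollout status deployment coredns --namespace kube-system` and `changed_when: false`, so a failed rollout stops the play before the copy. Separately, `symmetric_difference` compares the files as sets of lines, so a reordered or duplicated entry in `/etc/hosts` is not detected; if that is intended a comment should say so, otherwise comparing `stat` checksums of the two files would catch every change.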