feat: introduce 'OnDelete' rollout strategy type

With this strategy, machines will be replaced only when existing machine is deleted and new one is created as part of scale-up event. Signed-off-by: Andrey Smirnov <[email protected]> (cherry picked from commit 678aad5)
siderolabs · Jul 25, 2022 · 0cc410e · 0cc410e
1 parent 8dd3361
commit 0cc410e
Show file tree

Hide file tree

Showing 12 changed files with 113 additions and 10 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -33,7 +33,6 @@ RUN --mount=type=cache,target=/.cache go mod download
 RUN --mount=type=cache,target=/.cache go mod verify
 COPY ./ ./
 RUN --mount=type=cache,target=/.cache go list -mod=readonly all >/dev/null
-RUN --mount=type=cache,target=/.cache ! go mod tidy -v 2>&1 | grep .
 
 FROM build AS manifests-build
 ARG NAME

diff --git a/api/v1alpha3/taloscontrolplane_types.go b/api/v1alpha3/taloscontrolplane_types.go
@@ -29,6 +29,9 @@ const (
 	// RollingUpdateStrategyType replaces the old control planes by new one using rolling update
 	// i.e. gradually scale up or down the old control planes and scale up or down the new one.
 	RollingUpdateStrategyType RolloutStrategyType = "RollingUpdate"
+	// OnDeleteStrategyType doesn't replace the nodes automatically, but if the machine is removed,
+	// new one will be created from the new spec.
+	OnDeleteStrategyType RolloutStrategyType = "OnDelete"
 )
 
 // TalosControlPlaneSpec defines the desired state of TalosControlPlane
@@ -67,8 +70,12 @@ type RolloutStrategy struct {
 	// +optional
 	RollingUpdate *RollingUpdate `json:"rollingUpdate,omitempty"`
 
-	// Type of rollout. Currently the only supported strategy is
-	// "RollingUpdate".
+	// Change rollout strategy.
+	//
+	// Supported strategies:
+	//  * "RollingUpdate".
+	//  * "OnDelete"
+	//
 	// Default is RollingUpdate.
 	// +optional
 	Type RolloutStrategyType `json:"type,omitempty"`

diff --git a/api/v1alpha3/taloscontrolplane_webhook.go b/api/v1alpha3/taloscontrolplane_webhook.go
@@ -5,9 +5,14 @@
 package v1alpha3
 
 import (
+	"fmt"
 	"strings"
 
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	runtime "k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/util/intstr"
+	"k8s.io/apimachinery/pkg/util/validation/field"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/webhook"
 )
@@ -20,8 +25,12 @@ func (r *TalosControlPlane) SetupWebhookWithManager(mgr ctrl.Manager) error {
 }
 
 // +kubebuilder:webhook:verbs=create;update,path=/mutate-controlplane-cluster-x-k8s-io-v1alpha3-taloscontrolplane,mutating=true,failurePolicy=fail,matchPolicy=Equivalent,groups=controlplane.cluster.x-k8s.io,resources=taloscontrolplanes,versions=v1alpha3,name=default.taloscontrolplane.controlplane.cluster.x-k8s.io,sideEffects=None,admissionReviewVersions=v1;v1beta1
+//+kubebuilder:webhook:verbs=create;update;delete,path=/validate-controlplane-cluster-x-k8s-io-v1alpha3-taloscontrolplane,mutating=false,failurePolicy=fail,groups=controlplane.cluster.x-k8s.io,resources=taloscontrolplanes,versions=v1alpha3,name=validate.taloscontrolplane.controlplane.cluster.x-k8s.io,sideEffects=None,admissionReviewVersions=v1
 
-var _ webhook.Defaulter = &TalosControlPlane{}
+var (
+	_ webhook.Defaulter = &TalosControlPlane{}
+	_ webhook.Validator = &TalosControlPlane{}
+)
 
 // Default implements webhook.Defaulter so a webhook will be registered for the type.
 func (r *TalosControlPlane) Default() {
@@ -63,3 +72,46 @@ func defaultRolloutStrategy(rolloutStrategy *RolloutStrategy) *RolloutStrategy {
 
 	return rolloutStrategy
 }
+
+// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
+func (r *TalosControlPlane) ValidateCreate() error {
+	return r.validate()
+}
+
+// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
+func (r *TalosControlPlane) ValidateUpdate(old runtime.Object) error {
+	return r.validate()
+}
+
+// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
+func (r *TalosControlPlane) ValidateDelete() error {
+	return nil
+}
+
+func (r *TalosControlPlane) validate() error {
+	var allErrs field.ErrorList
+
+	if r.Spec.RolloutStrategy == nil {
+		return nil
+	}
+
+	switch r.Spec.RolloutStrategy.Type {
+	case "":
+	case RollingUpdateStrategyType:
+	case OnDeleteStrategyType:
+	default:
+		allErrs = append(allErrs,
+			field.Invalid(field.NewPath("spec").Child("rolloutStrategy"), r.Spec.RolloutStrategy.Type,
+				fmt.Sprintf("valid values are: %q", []RolloutStrategyType{RollingUpdateStrategyType, OnDeleteStrategyType}),
+			),
+		)
+	}
+
+	if len(allErrs) == 0 {
+		return nil
+	}
+
+	return apierrors.NewInvalid(
+		schema.GroupKind{Group: GroupVersion.Group, Kind: "TalosControlPlane"},
+		r.Name, allErrs)
+}
diff --git a/api/v1alpha3/zz_generated.deepcopy.go b/api/v1alpha3/zz_generated.deepcopy.go
diff --git a/config/crd/bases/controlplane.cluster.x-k8s.io_taloscontrolplanes.yaml b/config/crd/bases/controlplane.cluster.x-k8s.io_taloscontrolplanes.yaml
@@ -207,8 +207,8 @@ spec:
                         x-kubernetes-int-or-string: true
                     type: object
                   type:
-                    description: Type of rollout. Currently the only supported strategy
-                      is "RollingUpdate". Default is RollingUpdate.
+                    description: "Change rollout strategy. \n Supported strategies:
+                      * \"RollingUpdate\". * \"OnDelete\" \n Default is RollingUpdate."
                     type: string
                 type: object
               version:

diff --git a/config/default/webhookcainjection_patch.yaml b/config/default/webhookcainjection_patch.yaml
@@ -6,3 +6,10 @@ metadata:
   name: mutating-webhook-configuration
   annotations:
     cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+---
+apiVersion: admissionregistration.k8s.io/v1
+kind: ValidatingWebhookConfiguration
+metadata:
+  name: validating-webhook-configuration
+  annotations:
+    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
diff --git a/config/webhook/manifests.yaml b/config/webhook/manifests.yaml
@@ -27,3 +27,31 @@ webhooks:
     resources:
     - taloscontrolplanes
   sideEffects: None
+---
+apiVersion: admissionregistration.k8s.io/v1
+kind: ValidatingWebhookConfiguration
+metadata:
+  creationTimestamp: null
+  name: validating-webhook-configuration
+webhooks:
+- admissionReviewVersions:
+  - v1
+  clientConfig:
+    service:
+      name: webhook-service
+      namespace: system
+      path: /validate-controlplane-cluster-x-k8s-io-v1alpha3-taloscontrolplane
+  failurePolicy: Fail
+  name: validate.taloscontrolplane.controlplane.cluster.x-k8s.io
+  rules:
+  - apiGroups:
+    - controlplane.cluster.x-k8s.io
+    apiVersions:
+    - v1alpha3
+    operations:
+    - CREATE
+    - UPDATE
+    - DELETE
+    resources:
+    - taloscontrolplanes
+  sideEffects: None
diff --git a/controllers/controlplane.go b/controllers/controlplane.go
@@ -9,6 +9,7 @@ import (
 
 	"github.com/go-logr/logr"
 	"github.com/pkg/errors"
+	"github.com/talos-systems/cluster-api-control-plane-provider-talos/api/v1alpha3"
 	controlplanev1 "github.com/talos-systems/cluster-api-control-plane-provider-talos/api/v1alpha3"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
@@ -62,6 +63,10 @@ func (c *ControlPlane) MachineWithDeleteAnnotation(machines collections.Machines
 
 // MachinesNeedingRollout return a list of machines that need to be rolled out.
 func (c *ControlPlane) MachinesNeedingRollout() collections.Machines {
+	if c.TCP.Spec.RolloutStrategy != nil && c.TCP.Spec.RolloutStrategy.Type == v1alpha3.OnDeleteStrategyType {
+		return collections.New()
+	}
+
 	// Ignore machines to be deleted.
 	machines := c.Machines.Filter(collections.Not(collections.HasDeletionTimestamp))
 

diff --git a/controllers/upgrade.go b/controllers/upgrade.go
@@ -39,6 +39,9 @@ func (r *TalosControlPlaneReconciler) upgradeControlPlane(
 		}
 
 		return r.scaleDownControlPlane(ctx, cluster, tcp, controlPlane, machinesRequireUpgrade)
+	case controlplanev1.OnDeleteStrategyType:
+		// nothing to do, scale up handler will take care of creating machines with the new spec
+		return ctrl.Result{}, nil
 	default:
 		logger.Info("RolloutStrategy type is not set to RollingUpdateStrategyType, unable to determine the strategy for rolling out machines")
 		return ctrl.Result{}, nil

diff --git a/go.mod b/go.mod
@@ -14,7 +14,7 @@ require (
 	github.com/talos-systems/capi-utils v0.0.0-20220330110254-2b207c1f0aff
 	github.com/talos-systems/cluster-api-bootstrap-provider-talos v0.5.4
 	github.com/talos-systems/go-retry v0.3.1
-	github.com/talos-systems/talos/pkg/machinery v1.1.0
+	github.com/talos-systems/talos/pkg/machinery v1.1.1
 	google.golang.org/grpc v1.46.2
 	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b
 	k8s.io/api v0.23.5

diff --git a/go.sum b/go.sum
@@ -706,6 +706,7 @@ github.com/talos-systems/crypto v0.3.5 h1:Jkxjzx/IfOvisjDAAoe7QaHySZ5+8v1xWOJ0o0
 github.com/talos-systems/crypto v0.3.5/go.mod h1:xaNCB2/Bxaj+qrkdeodhRv5eKQVvKOGBBMj58MrIPY8=
 github.com/talos-systems/go-blockdevice v0.3.1/go.mod h1:qnn/zDc09I1DA2BUDDCOSA2D0P8pIDjN8pGiRoRaQig=
 github.com/talos-systems/go-blockdevice v0.3.2/go.mod h1:qnn/zDc09I1DA2BUDDCOSA2D0P8pIDjN8pGiRoRaQig=
+github.com/talos-systems/go-blockdevice v0.3.3/go.mod h1:qnn/zDc09I1DA2BUDDCOSA2D0P8pIDjN8pGiRoRaQig=
 github.com/talos-systems/go-cmd v0.0.0-20210216164758-68eb0067e0f0/go.mod h1:kf+rZzTEmlDiYQ6ulslvRONnKLQH8x83TowltGMhO+k=
 github.com/talos-systems/go-debug v0.2.1/go.mod h1:pR4NjsZQNFqGx3n4qkD4MIj1F2CxyIF8DCiO1+05JO0=
 github.com/talos-systems/go-retry v0.1.1-0.20201113203059-8c63d290a688/go.mod h1:HiXQqyVStZ35uSY/MTLWVvQVmC3lIW2MS5VdDaMtoKM=
@@ -714,8 +715,9 @@ github.com/talos-systems/go-retry v0.3.1/go.mod h1:HiXQqyVStZ35uSY/MTLWVvQVmC3lI
 github.com/talos-systems/net v0.3.2 h1:IMseRyuha8fNsv/3FbQPRE9hLVRBEFR+9sxcoETQ5vI=
 github.com/talos-systems/net v0.3.2/go.mod h1:zhcGixNJz9dgwFiUwc7gkkAqdVqXagU1SNNoIVXYKGo=
 github.com/talos-systems/talos/pkg/machinery v1.0.0/go.mod h1:cJ/031WJGDnGQLW+zp+0lwkEn47orpJdfsJDf0BQVGM=
-github.com/talos-systems/talos/pkg/machinery v1.1.0 h1:JQ3HaqZ5MXkT3A6vd4VNCxz8Bx6OSqNsyTCGSkF8kAQ=
 github.com/talos-systems/talos/pkg/machinery v1.1.0/go.mod h1:uWoiXOau8UpalFrhOeOPD6iJ+wNtke5hrCa8DdfeuHg=
+github.com/talos-systems/talos/pkg/machinery v1.1.1 h1:wJYAwbIur8Vc3aQxEG18tZQFfQWDMp9XdZgWKTcjffo=
+github.com/talos-systems/talos/pkg/machinery v1.1.1/go.mod h1:cz/Ud0/+VhUzv7+HvKFXliKaM+RvIZhxZ1vApjVh83Y=
 github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
 github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
 github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM=

diff --git a/hack/test/e2e-aws.sh b/hack/test/e2e-aws.sh
@@ -22,7 +22,7 @@ TAG="${TAG:-$(git describe --tag --always --dirty)}"
 REGION="us-east-1"
 BUCKET="talos-ci-e2e"
 PLATFORM=$(uname -s | tr "[:upper:]" "[:lower:]")
-TALOS_VERSION="${TALOS_DEFAULT:-v1.1.0}"
+TALOS_VERSION="${TALOS_DEFAULT:-v1.1.1}"
 K8S_VERSION="${K8S_VERSION:-v1.24.1}"
 export WORKLOAD_KUBERNETES_VERSION="${WORKLOAD_KUBERNETES_VERSION:-${K8S_VERSION}}"
 export UPGRADE_K8S_VERSION="${UPGRADE_K8S_VERSION:-v1.24.2}"