From 75fb4e5d11e3abda948207a00002ec8ac3d42965 Mon Sep 17 00:00:00 2001 From: Dalton Hubble Date: Mon, 16 Mar 2020 21:57:45 -0700 Subject: [PATCH] Remove Container Linux Update Operator (CLUO) addon * Stop providing example manifests for the Container Linux Update Operator (CLUO) * CLUO requires patches to support Kubernetes v1.16+, but the project and push access is rather unowned * CLUO hasn't been in active use in our clusters and won't be relevant beyond Container Linux. Not to say folks can't patch it and run it on their own. Examples just aren't provided here Related: https://github.com/coreos/container-linux-update-operator/pull/197 --- CHANGES.md | 2 + addons/cluo/0-namespace.yaml | 4 -- addons/cluo/cluster-role-binding.yaml | 12 ----- addons/cluo/cluster-role.yaml | 45 ------------------ addons/cluo/update-agent.yaml | 68 --------------------------- addons/cluo/update-operator.yaml | 39 --------------- docs/addons/cluo.md | 29 ------------ docs/addons/overview.md | 1 - docs/cl/aws.md | 3 -- docs/cl/azure.md | 3 -- docs/cl/bare-metal.md | 3 -- docs/cl/digital-ocean.md | 3 -- docs/cl/google-cloud.md | 3 -- mkdocs.yml | 1 - 14 files changed, 2 insertions(+), 214 deletions(-) delete mode 100644 addons/cluo/0-namespace.yaml delete mode 100644 addons/cluo/cluster-role-binding.yaml delete mode 100644 addons/cluo/cluster-role.yaml delete mode 100644 addons/cluo/update-agent.yaml delete mode 100644 addons/cluo/update-operator.yaml delete mode 100644 docs/addons/cluo.md diff --git a/CHANGES.md b/CHANGES.md index 403f382ea..cc5257941 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -49,6 +49,8 @@ Notable changes between versions. * Update node-exporter from v0.18.1 to [v1.0.0-rc.0](https://github.com/prometheus/node_exporter/releases/tag/v1.0.0-rc.0) * Update Grafana from v6.6.1 to v6.6.2 * Refresh Grafana dashboards +* Remove Container Linux Update Operator (CLUO) addon + * CLUO doesn't support Kubernetes v1.16+, hasn't been in active use, and won't be relevant beyond Container Linux ## v1.17.3 diff --git a/addons/cluo/0-namespace.yaml b/addons/cluo/0-namespace.yaml deleted file mode 100644 index ab77e1f2e..000000000 --- a/addons/cluo/0-namespace.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: Namespace -metadata: - name: reboot-coordinator diff --git a/addons/cluo/cluster-role-binding.yaml b/addons/cluo/cluster-role-binding.yaml deleted file mode 100644 index adf8f83b4..000000000 --- a/addons/cluo/cluster-role-binding.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - name: reboot-coordinator -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: reboot-coordinator -subjects: - - kind: ServiceAccount - namespace: reboot-coordinator - name: default diff --git a/addons/cluo/cluster-role.yaml b/addons/cluo/cluster-role.yaml deleted file mode 100644 index bbd86dd04..000000000 --- a/addons/cluo/cluster-role.yaml +++ /dev/null @@ -1,45 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - name: reboot-coordinator -rules: - - apiGroups: - - "" - resources: - - nodes - verbs: - - get - - list - - watch - - update - - apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - get - - update - - list - - watch - - apiGroups: - - "" - resources: - - events - verbs: - - create - - watch - - apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - delete - - apiGroups: - - "extensions" - resources: - - daemonsets - verbs: - - get diff --git a/addons/cluo/update-agent.yaml b/addons/cluo/update-agent.yaml deleted file mode 100644 index 1d0bef0b6..000000000 --- a/addons/cluo/update-agent.yaml +++ /dev/null @@ -1,68 +0,0 @@ -apiVersion: apps/v1 -kind: DaemonSet -metadata: - name: container-linux-update-agent - namespace: reboot-coordinator -spec: - updateStrategy: - type: RollingUpdate - rollingUpdate: - maxUnavailable: 1 - selector: - matchLabels: - name: container-linux-update-agent - template: - metadata: - labels: - name: container-linux-update-agent - annotations: - seccomp.security.alpha.kubernetes.io/pod: 'docker/default' - spec: - tolerations: - - key: node-role.kubernetes.io/master - operator: Exists - effect: NoSchedule - containers: - - name: update-agent - image: quay.io/coreos/container-linux-update-operator:v0.7.0 - command: - - "/bin/update-agent" - env: - # read by update-agent as the node name to manage reboots for - - name: UPDATE_AGENT_NODE - valueFrom: - fieldRef: - fieldPath: spec.nodeName - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - resources: - requests: - cpu: 10m - memory: 20Mi - limits: - cpu: 20m - memory: 40Mi - volumeMounts: - - mountPath: /var/run/dbus - name: var-run-dbus - - mountPath: /etc/coreos - name: etc-coreos - - mountPath: /usr/share/coreos - name: usr-share-coreos - - mountPath: /etc/os-release - name: etc-os-release - volumes: - - name: var-run-dbus - hostPath: - path: /var/run/dbus - - name: etc-coreos - hostPath: - path: /etc/coreos - - name: usr-share-coreos - hostPath: - path: /usr/share/coreos - - name: etc-os-release - hostPath: - path: /etc/os-release diff --git a/addons/cluo/update-operator.yaml b/addons/cluo/update-operator.yaml deleted file mode 100644 index d814626b7..000000000 --- a/addons/cluo/update-operator.yaml +++ /dev/null @@ -1,39 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: container-linux-update-operator - namespace: reboot-coordinator -spec: - replicas: 1 - selector: - matchLabels: - name: container-linux-update-operator - template: - metadata: - labels: - name: container-linux-update-operator - annotations: - seccomp.security.alpha.kubernetes.io/pod: 'docker/default' - spec: - tolerations: - - key: node-role.kubernetes.io/master - operator: Exists - effect: NoSchedule - containers: - - name: update-operator - image: quay.io/coreos/container-linux-update-operator:v0.7.0 - command: - - "/bin/update-operator" - env: - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - resources: - requests: - cpu: 10m - memory: 20Mi - limits: - cpu: 20m - memory: 40Mi - diff --git a/docs/addons/cluo.md b/docs/addons/cluo.md deleted file mode 100644 index e96ebde51..000000000 --- a/docs/addons/cluo.md +++ /dev/null @@ -1,29 +0,0 @@ -# Container Linux Update Operator - -The [Container Linux Update Operator](https://github.com/coreos/container-linux-update-operator) (i.e. CLUO) coordinates reboots of auto-updating Container Linux nodes so that one node reboots at a time and nodes are drained before reboot. CLUO enables the auto-update behavior Container Linux clusters are known for, but does so in a Kubernetes native way. - -## Create - -Create the `update-operator` deployment and `update-agent` DaemonSet. - -```sh -kubectl apply -f addons/cluo -R -``` - -## Usage - -`update-agent` runs as a DaemonSet and annotates a node when `update-engine.service` indicates an update has been installed and a reboot is needed. It also adds additional labels and annotations to nodes. - -``` -$ kubectl get nodes --show-labels -... -container-linux-update.v1.coreos.com/group=stable -container-linux-update.v1.coreos.com/version=1632.3.0 -``` - -`update-operator` ensures one node reboots at a time and that pods are drained prior to reboot. - -!!! note "" - CLUO replaces `locksmithd` reboot coordination. The `update_engine` systemd unit on hosts still performs the Container Linux update check, download, and install to the inactive partition. - - diff --git a/docs/addons/overview.md b/docs/addons/overview.md index c56fbd54d..e15988b7e 100644 --- a/docs/addons/overview.md +++ b/docs/addons/overview.md @@ -2,7 +2,6 @@ Every Typhoon cluster is verified to work well with several post-install addons. -* [CLUO](cluo.md) (Container Linux only) * Nginx [Ingress Controller](ingress.md) * [Prometheus](prometheus.md) * [Grafana](grafana.md) diff --git a/docs/cl/aws.md b/docs/cl/aws.md index c67700804..75a0f77b9 100644 --- a/docs/cl/aws.md +++ b/docs/cl/aws.md @@ -170,9 +170,6 @@ kube-system kube-scheduler-ip-10-0-3-155 1/1 Running 1 Learn about [maintenance](/topics/maintenance/) and [addons](/addons/overview/). -!!! note - On Container Linux clusters, install the `CLUO` addon to coordinate reboots and drains when nodes auto-update. Otherwise, updates may not be applied until the next reboot. - ## Variables Check the [variables.tf](https://github.com/poseidon/typhoon/blob/master/aws/container-linux/kubernetes/variables.tf) source. diff --git a/docs/cl/azure.md b/docs/cl/azure.md index 84da4c946..9ca478fb3 100644 --- a/docs/cl/azure.md +++ b/docs/cl/azure.md @@ -176,9 +176,6 @@ kube-system kube-scheduler-ramius-controller-0 1/1 Running 0 Learn about [maintenance](/topics/maintenance/) and [addons](/addons/overview/). -!!! note - On Container Linux clusters, install the `CLUO` addon to coordinate reboots and drains when nodes auto-update. Otherwise, updates may not be applied until the next reboot. - ## Variables Check the [variables.tf](https://github.com/poseidon/typhoon/blob/master/azure/container-linux/kubernetes/variables.tf) source. diff --git a/docs/cl/bare-metal.md b/docs/cl/bare-metal.md index a9a24941c..a1907319b 100644 --- a/docs/cl/bare-metal.md +++ b/docs/cl/bare-metal.md @@ -326,9 +326,6 @@ kube-system kube-scheduler-node1.example.com 1/1 Running 0 Learn about [maintenance](/topics/maintenance/) and [addons](/addons/overview/). -!!! note - On Container Linux clusters, install the `CLUO` addon to coordinate reboots and drains when nodes auto-update. Otherwise, updates may not be applied until the next reboot. - ## Variables Check the [variables.tf](https://github.com/poseidon/typhoon/blob/master/bare-metal/container-linux/kubernetes/variables.tf) source. diff --git a/docs/cl/digital-ocean.md b/docs/cl/digital-ocean.md index 5777eb279..9ca49a625 100644 --- a/docs/cl/digital-ocean.md +++ b/docs/cl/digital-ocean.md @@ -187,9 +187,6 @@ kube-system kube-scheduler-ip-10.132.115.81 1/1 Running 0 Learn about [maintenance](/topics/maintenance/) and [addons](/addons/overview/). -!!! note - On Container Linux clusters, install the `CLUO` addon to coordinate reboots and drains when nodes auto-update. Otherwise, updates may not be applied until the next reboot. - ## Variables Check the [variables.tf](https://github.com/poseidon/typhoon/blob/master/digital-ocean/container-linux/kubernetes/variables.tf) source. diff --git a/docs/cl/google-cloud.md b/docs/cl/google-cloud.md index 3126d2e4d..5b041d1c3 100644 --- a/docs/cl/google-cloud.md +++ b/docs/cl/google-cloud.md @@ -194,9 +194,6 @@ kube-system kube-scheduler-controller-0 1/1 Running 0 Learn about [maintenance](/topics/maintenance/) and [addons](/addons/overview/). -!!! note - On Container Linux clusters, install the `CLUO` addon to coordinate reboots and drains when nodes auto-update. Otherwise, updates may not be applied until the next reboot. - ## Variables Check the [variables.tf](https://github.com/poseidon/typhoon/blob/master/google-cloud/container-linux/kubernetes/variables.tf) source. diff --git a/mkdocs.yml b/mkdocs.yml index aef695cc7..45d35c0c3 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -75,7 +75,6 @@ nav: - 'Worker Pools': 'advanced/worker-pools.md' - 'Addons': - 'Overview': 'addons/overview.md' - - 'CLUO': 'addons/cluo.md' - 'Nginx Ingress': 'addons/ingress.md' - 'Prometheus': 'addons/prometheus.md' - 'Grafana': 'addons/grafana.md'