Skip to content

Draft: feat(k8s): rolling release

Sebastian K requested to merge feat/rolling-release into master

** Only "Proof of Concept" so far **

TODO:

  • socket.io sticky session cookie not seem to be working (creating many connections)

what changed:

  • socket.io: added mongo-db adapter to make it work in cluster settings
    • needs sticky sessions, added related key in ingress
  • mongodb: changed to bitnami docker image and replica mode
    • reason: for socket-io adapter change streams are required which only work if mongo is running in replica mode even if it's just one instance. Tried that with the default mongo image, but it good messy pretty quickly since you need to mount a keyfile (which is not easy to do with right permissions (0600) in combination with the security settings and the read-only file system / non-priv. user) and need to embed scripts to initate the replicaset and create the user. Changing the docker image is a bigger shift, not too happy about it. Maybe I could look into a way with the native docker image again.
    • no replication added since that's another topic and more complicated
  • node backend: if the storage dir is not set, deactivate all routes that need it, but all other routes keep working
  • topology
    • client deployment: 2 pods, 1 on each node
    • server deployment (no volume mounted): 2 pods, 1 on each node
    • server deployment (with volume): 1-2 pods, both on the same node (can both mount RWO volume only then)
    • database: still 1 pod on one node
  • routing:
    • api requests are routed to both server deployments by default
    • avatar routes are only routed to server deployment with volume

how the update works

  • client / server (no storage): maxSurge=0 (not going over count of 2 pods)
  • server (with storage): maxSurge=1 (currently 1 pod only, so another one is added only for upgrade to prevent downtime)
  • database: only recreates if it's config changed which should not happen often (removed the timestamp annotation)

further points

  • client shouldn't probably show update popup if only server or k8s templates have changed and are deployed
  • backup needs to be updated to add oplog flag
  • mongodb replica cluster: would require 2 replica nodes and 1 arbiter node; not feasible probably
Edited by Sebastian K

Merge request reports