gzip cloud-init data on openstack platforms (RKE2 CAPI provider 0.13.x)
What does this MR do and why?
As tracked in #2343 (closed) and #2105 (closed), the cloud-init data limit of 64kB on openstack can easely be reached.
In cloud-init documentation, we can read that that content found to be gzip compressed will be uncompressed.. Initial tests have shown that it enabled to reduce significantly the size of user-data:
~$ k get secrets management-cluster-control-plane-kftxm -o yaml | yq .data.value | base64 -d | wc -c
14002
~$ k get secrets management-cluster-control-plane-kftxm -o yaml | yq .data.value | base64 -d | gunzip | wc -c
35759But we've also observed that cloud-init compression is not supported on all platforms, it fails on capm3 for example.
The purpose of this MR is to use a custom build of rke2 bootstrap provider that includes following patch that conditionally gzip the cloud-init data:
https://github.com/zioc/cluster-api-provider-rke2/commit/34d16e94c9848154769caedadfae0052e8d29524
Ultimately this function should rely on an optional field in rke2config that would trigger the compression of user-data (storeBootstrapData has a scope parameter that has references to various machine parameters, like Machine, Cluster, rke2config, rke2controlplane..., it would be easy to implement, and kubeadm bootstrap controller has the same function)
In the meantime, as we don't want to change the schema, we rely on an annotation instead.
As rke2configTemplate.spec.template does not allow to specify annotations, it's not easy to add annotations to rke2config objects.
For that reason, I choosed to add the annotation to the Cluster object instead in this temporary build.
Note:
As discussed with @tmmorin and @stoub, I've ported the changes made by @tmmorin to build the version 0.12.0-skip-etcd-membership-removal on top of the change that I am proposing here in order to use the same code base for the 2 controllers.
Related reference(s)
Test coverage
CI configuration
Below you can choose test deployment variants to run in this MR's CI.
Click to open to CI configuration
Legend:
| Icon | Meaning | Available values |
|---|---|---|
| Infra Provider |
capd, capo, capm3
|
|
| Bootstrap Provider |
kubeadm (alias kadm), rke2
|
|
| Node OS |
ubuntu, suse
|
|
| Deployment Options |
light-deploy, dev-sources, ha, misc, maxsurge-0, logging
|
|
| Pipeline Scenarios | Available scenario list and description |
-
🎬 preview☁️ capd🚀 kadm🐧 ubuntu -
🎬 preview☁️ capo🚀 rke2🐧 suse -
🎬 preview☁️ capm3🚀 rke2🐧 ubuntu -
☁️ capd🚀 kadm🛠️ light-deploy🐧 ubuntu -
☁️ capd🚀 rke2🛠️ light-deploy🐧 suse -
☁️ capo🚀 rke2🐧 suse -
☁️ capo🚀 rke2🐧 ubuntu -
☁️ capo🚀 rke2🎬 rolling-update🛠️ ha🐧 ubuntu -
☁️ capo🚀 kadm🎬 wkld-k8s-upgrade🐧 ubuntu -
☁️ capo🚀 rke2🎬 rolling-update-no-wkld🛠️ ha,misc🐧 suse -
☁️ capo🚀 rke2🎬 sylva-upgrade-from-1.3.x🛠️ ha,logging🐧 ubuntu -
☁️ capm3🚀 rke2🐧 suse -
☁️ capm3🚀 kadm🐧 ubuntu -
☁️ capm3🚀 kadm🎬 rolling-update-no-wkld🛠️ ha,misc🐧 ubuntu -
☁️ capm3🚀 rke2🎬 wkld-k8s-upgrade🛠️ ha🐧 suse -
☁️ capm3🚀 kadm🎬 rolling-update🛠️ ha🐧 ubuntu -
☁️ capm3🚀 rke2🎬 sylva-upgrade-from-1.3.x🛠️ logging,ha🐧 suse -
☁️ capm3🚀 kadm🎬 rolling-update🛠️ ha🐧 suse
Global config for deployment pipelines
-
autorun pipelines -
allow failure on pipelines -
record sylvactl events
Notes:
- Enabling
autorunwill make deployment pipelines to be run automatically without human interaction - Disabling
allow failurewill make deployment pipelines mandatory for pipeline success. - if both
autorunandallow failureare disabled, deployment pipelines will need manual triggering but will be blocking the pipeline
Be aware: after configuration change, pipeline is not triggered automatically.
Please run it manually (by clicking the run pipeline button in Pipelines tab) or push new code.