Enable coredns unit in kubeadm

Bogdan Antoherequested to merge
ba-kubeadm into main

What does this MR do and why?

I've noticed multiple failures on kubeadm upgrade from 1.3.x to 1.4.x :


ArtifactFailed - failed to download archive: GET http://source-controller.flux-system.svc.cluster.local./ocirepository/sylva-system/sylva-core/sha256:9d72e4674d2876093e14115443114914830dbf2b53a2e733af18f028e5977632.tar.gz giving up after 10 attempt(s): Get "http://source-controller.flux-system.svc.cluster.local./ocirepository/sylva-system/sylva-core/sha256:9d72e4674d2876093e14115443114914830dbf2b53a2e733af18f028e5977632.tar.gz": dial tcp: lookup source-controller.flux-system.svc.cluster.local. on 100.73.0.10:53: read udp 100.72.104.26:5081

This error is present only in kubeadm and my supposition is following, in 1.3 unit coredns is used to configure the application by creating the configmap. In 1.4 we have introduced a new unit coredns responsible with the deployment of rke2-coredns helm chart and for configuration part we rely on coredns-config unit.

And the problem comes on upgrade stage because coredns unit is enabled in 1.4 just for rke2 clusters and as a results in kubeadm this unit is disable and flux will consider necessarily to remove all the resources created by it. Which means the coredns is not configured anymore(cm is removed), flux is never able to reconciliate ( due of inability of getting sources, see source controller error) and apply coredns-config unit.

The aim of this MR is to add option prune: false ( avoid losing config map) into unit coredns and allow the execution of kustomization but without impacting coredns already installed on kubeadm cluster by adding suspend: true into helmrelease.

Related reference(s)

Test coverage

CI configuration

Below you can choose test deployment variants to run in this MR's CI.

Click to open to CI configuration

Legend:

Icon Meaning Available values
☁️ Infra Provider capd, capo, capm3
🚀 Bootstrap Provider kubeadm (alias kadm), rke2
🐧 Node OS ubuntu, suse
🛠️ Deployment Options light-deploy, dev-sources, ha, misc, maxsurge-0, logging, no-logging
🎬 Pipeline Scenarios Available scenario list and description

  • 🎬 preview ☁️ capd 🚀 kadm 🐧 ubuntu

  • 🎬 preview ☁️ capo 🚀 rke2 🐧 suse

  • 🎬 preview ☁️ capm3 🚀 rke2 🐧 ubuntu

  • ☁️ capd 🚀 kadm 🛠️ light-deploy 🐧 ubuntu

  • ☁️ capd 🚀 rke2 🛠️ light-deploy 🐧 suse

  • ☁️ capo 🚀 rke2 🐧 suse

  • ☁️ capo 🚀 kadm 🐧 ubuntu

  • ☁️ capo 🚀 rke2 🎬 rolling-update 🛠️ ha 🐧 ubuntu

  • ☁️ capo 🚀 kadm 🎬 wkld-k8s-upgrade 🐧 ubuntu

  • ☁️ capo 🚀 rke2 🎬 rolling-update-no-wkld 🛠️ ha 🐧 suse

  • ☁️ capo 🚀 rke2 🎬 sylva-upgrade 🛠️ ha 🐧 ubuntu

  • ☁️ capo 🚀 kadm 🎬 sylva-upgrade 🛠️ ha 🐧 ubuntu

  • ☁️ capo 🚀 rke2 🎬 sylva-upgrade-from-1.4.x 🛠️ ha,misc 🐧 ubuntu

  • ☁️ capo 🚀 rke2 🛠️ ha,misc 🐧 ubuntu

  • ☁️ capm3 🚀 rke2 🐧 suse

  • ☁️ capm3 🚀 kadm 🐧 ubuntu

  • ☁️ capm3 🚀 kadm 🎬 rolling-update-no-wkld 🛠️ ha,misc 🐧 ubuntu

  • ☁️ capm3 🚀 rke2 🎬 wkld-k8s-upgrade 🛠️ ha 🐧 suse

  • ☁️ capm3 🚀 kadm 🎬 rolling-update 🛠️ ha 🐧 ubuntu

  • ☁️ capm3 🚀 rke2 🎬 sylva-upgrade-from-1.4.x 🛠️ ha 🐧 suse

  • ☁️ capm3 🚀 rke2 🛠️ misc,ha 🐧 suse

  • ☁️ capm3 🚀 kadm 🎬 sylva-upgrade 🛠️ ha 🐧 suse

  • ☁️ capm3 🚀 rke2 🎬 sylva-upgrade 🛠️ ha 🐧 suse

  • ☁️ capm3 🚀 kadm 🎬 rolling-update 🛠️ ha 🐧 suse

  • ☁️ capm3 🚀 ck8s 🎬 no-wkld 🛠️ light-deploy 🐧 ubuntu

Global config for deployment pipelines

  • autorun pipelines
  • allow failure on pipelines
  • record sylvactl events

Notes:

  • Enabling autorun will make deployment pipelines to be run automatically without human interaction
  • Disabling allow failure will make deployment pipelines mandatory for pipeline success.
  • if both autorun and allow failure are disabled, deployment pipelines will need manual triggering but will be blocking the pipeline

Be aware: after configuration change, pipeline is not triggered automatically. Please run it manually (by clicking the run pipeline button in Pipelines tab) or push new code.

Edited by Bogdan Antohe

Merge request reports