Enable endpoint slices when upgrading through CLI #4864
Conversation
There was a problem hiding this comment.
I'm struggling to wrap my head around the interaction of flags and configs but I thiiiiiiiiiiink what we need to do here is to add the endpoint slice flag to the list of flags in installOptions.recordFlags. I believe that this will cause linkerd upgrade to save the value of the endpoint slice flag into the upgrade options. @alpeb does this sound correct to you?
Hmmm, I am struggling a bit myself with flags and configs 😅. I thought that was already happening. I remember I specifically looked at which flag set carries on to My assumption was that initially when using the recordable flags we render out the values (including Again, not sure if I misunderstood something along the way. |
There was a problem hiding this comment.
Ok after digging a little bit deeper, this looks correct after all. Sorry for the confusion 😅
I'm starting to regret the advice that I gave you in #4740 (comment) about making this a value read from the config rather than a flag to the destination service. If we had decided to go with a destination service flag, then I don't think we would need to store this directly in the global config at all and it could just be a recorded flag. Additionally, doing an upgrade where we enable or disable endpoint slices currently doesn't trigger the destination controller to restart because the manifest doesn't change. If we had made this a destination flag, it would trigger a restart, which would be nice. Anyway, not sure if we want to revisit that right now or not.
cli/cmd/upgrade.go
Outdated
| @@ -292,6 +292,16 @@ func (options *upgradeOptions) validateAndBuild(stage string, k *k8s.KubernetesA | |||
| } | |||
| } | |||
|
|
|||
| if options.enableEndpointSlices != configs.GetGlobal().GetEndpointSliceEnabled() { | |||
There was a problem hiding this comment.
I don't think we specifically need this check because setFlagsFromInstall will make the default value of the flag be the value that was stored in the configmap. Additionally, we could move this up to around line 250 to be next to the OmitWebhookSideEffects setting, since they both work the same way (a global configs setting from a recorded flag).
|
Yep, flag handling is currently some convoluted business :-( |
When upgrading the linkerd control plane through the cli, if upgrading with endpoint slices turned on (when they were previously off), the new flag does not persist in the configmap. To fix this, the configmap value should now be updated if upgrading with slices turned on. Additionally, the helm configmap tmpl also used a different name to the protobuf file, this has been changed to avoid future issues. Signed-off-by: Matei David <matei.david.35@gmail.com>
|
Hiya @alpeb and @adleong thanks for the comments! @adleong I see your point about the upgrade story... I'd say optimistically adopters would still roll their pods even though the manifest has not changed? Either way, I'd be more than willing to revisit this and do the required work, however, would deprecating the
makes sense! don't think at the moment it needs to be changed, because the flag name is still the same but the name of the feature in the configmap is different. The reason for this difference in naming is because at the time I thought Would you like me to rename the flag to be the same as the cm field -- so both would be |
Signed-off-by: Matei David <matei.david.35@gmail.com>
Signed-off-by: Matei David <matei.david.35@gmail.com>
|
The
Looking at current flags, we have As for the the CM and values.yaml names, I think it's less confusing naming them like the flag. That being said, I agree it's better to have it as a destination flag instead. Just removing |
Remove cm value from install.go and remove cm value from _config.tpl Add flag to destination service chart tpl Remove value overwrite in upgrade & value from proto file Use destination service flag in main function Signed-off-by: Matei David <matei.david.35@gmail.com>
|
@alpeb thank you for the comment! Based on your feedback and Alex's, I have updated this PR to use the flag in the destination service instead of storing it in the configmap. It would be great to have this double checked to ensure there is no compatibility issue moving forward. Changes
Tests
✅ from enabled to disabled $ target/cli/darwin/linkerd install --registry=docker.io/matei207 --enable-endpoint-slices --controller-log-level=debug | k apply -f -
$ k get cm linkerd-config -n linkerd -o yaml | grep endpointSliceEnabled # removed CM value
$ k logs linkerd-destination-78879d5c94-fxf2v -n linkerd destination | grep Watching
time="2020-08-17T14:34:58Z" level=debug msg="Watching EndpointSlice resources" addr=":8086" component=endpoints-watcher
$ target/cli/darwin/linkerd upgrade --enable-endpoint-slices=false | kubectl apply --prune -l linkerd.io/control-plane-ns=linkerd -f -
$ k get cm linkerd-config -n linkerd -o yaml | grep endpointSliceEnabled
$ k get pods -n linkers -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
linkerd-controller-64bff856cd-cjvxp 2/2 Running 0 62m 10.244.2.2 kind-worker2 <none> <none>
linkerd-destination-6fb886b4df-cggjt 2/2 Running 0 26s 10.244.2.7 kind-worker2 <none> <none>
linkerd-destination-78879d5c94-fxf2v 0/2 Terminating 0 62m 10.244.3.3 kind-worker <none> <none>
(…)
$ k logs linkerd-destination-6fb886b4df-cggjt -n linkerd destination | grep Watching
time="2020-08-17T15:36:50Z" level=debug msg="Watching Endpoints resources" addr=":8086" component=endpoints-watcher✅ from disabled to enabled $ target/cli/darwin/linkerd install --registry=docker.io/matei207 --controller-log-level=debug | k apply -f -
$ k get cm linkerd-config -n linkerd -o yaml | grep endpointSliceEnabled # removed CM value
$ k logs linkerd-destination-7ff85f8984-8q9j2 -n linkerd destination | grep Watching
time="2020-08-17T15:44:24Z" level=debug msg="Watching Endpoints resources" addr=":8086" component=endpoints-watcher
$ target/cli/darwin/linkerd upgrade --enable-endpoint-slices | kubectl apply --prune -l linkerd.io/control-plane-ns=linkerd -f -
$ kgp -n linkerd -o wide
NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES
linkerd-controller-6d5746f8f5-28w4p 2/2 Running 0 15m 10.244.2.8 kind-worker2 <none> <none>
linkerd-destination-6dd97457f-hjz8t 2/2 Running 0 76s 10.244.2.13 kind-worker2 <none> <none>
$ k get cm linkerd-config -n linkerd -o yaml | grep endpointSliceEnabled
$ k logs linkerd-destination-6dd97457f-hjz8t -n linkerd destination | grep Watching
time="2020-08-17T15:58:27Z" level=debug msg="Watching EndpointSlice resources" addr=":8086" component=endpoints-watcherAnd last but not least: @adleong WDYT? |
🚢 🎖️
What/How
@adleong pointed out in #4780 that when enabling slices during an upgrade, the new value does not persist in the
linkerd-configConfigMap. I took a closer look and it seems that we were never overwriting the values in case they were different.EndpointSlicesyet the flag is set to true, we will error out. This is done similarly (copy&paste similarily) to what's in the install part.enableEndpointSlicesfield name. I assume this was not changed in the initial PR to reflect the changes made in the protocol buffer. The API (and thus the CLI) uses the field nameendpointSliceEnabledinstead. I have changed the config template so that helm installations will use the same field, which can then be used in the destination service or other components that may implement slice support in the future.Tests
Install w/ slices off and upgrade w/ slices on
Install w/ slices on and upgrade w/ slices off
Helm install
Helm:
Signed-off-by: Matei David matei.david.35@gmail.com