Skip to content

Commit

Permalink
Enforce containerd when maintenance-controller updates Kubernetes…
Browse files Browse the repository at this point in the history
… from `v1.22` to `v1.23` (gardener#8272)

* Enforce `containerd` when `maintenance-controller` updates Kubernetes from `v1.22` to `v1.23`

* Address PR review feedback
  • Loading branch information
oliver-goetz authored Jul 31, 2023
1 parent f53dc23 commit 617075f
Show file tree
Hide file tree
Showing 2 changed files with 80 additions and 0 deletions.
25 changes: 25 additions & 0 deletions pkg/controllermanager/controller/shoot/maintenance/reconciler.go
Original file line number Diff line number Diff line change
Expand Up @@ -143,6 +143,16 @@ func (r *Reconciler) reconcile(ctx context.Context, log logr.Logger, shoot *gard
return err
}

// Force containerd when shoot cluster is updated to k8s version >= 1.23
if versionutils.ConstraintK8sLess123.Check(oldShootKubernetesVersion) && versionutils.ConstraintK8sGreaterEqual123.Check(shootKubernetesVersion) {
reasonsForContainerdUpdate, err := updateToContainerd(maintainedShoot, fmt.Sprintf("Updating Kubernetes to %q", shootKubernetesVersion.String()))
if err != nil {
// continue execution to allow other updates
log.Error(err, "Failed updating worker pools' CRI to containerd")
}
operations = append(operations, reasonsForContainerdUpdate...)
}

// Reset the `EnableStaticTokenKubeconfig` value to false, when shoot cluster is updated to k8s version >= 1.27.
if versionutils.ConstraintK8sLess127.Check(oldShootKubernetesVersion) && pointer.BoolDeref(maintainedShoot.Spec.Kubernetes.EnableStaticTokenKubeconfig, false) && versionutils.ConstraintK8sGreaterEqual127.Check(shootKubernetesVersion) {
maintainedShoot.Spec.Kubernetes.EnableStaticTokenKubeconfig = pointer.Bool(false)
Expand Down Expand Up @@ -621,3 +631,18 @@ func ExpirationDateExpired(timestamp *metav1.Time) bool {
}
return time.Now().UTC().After(timestamp.Time) || time.Now().UTC().Equal(timestamp.Time)
}

// updateToContainerd updates the CRI of a Shoot's worker pools to containerd
func updateToContainerd(shoot *gardencorev1beta1.Shoot, reason string) ([]string, error) {
var reasonsForUpdate []string

for i, worker := range shoot.Spec.Provider.Workers {
if worker.CRI == nil || worker.CRI.Name != gardencorev1beta1.CRINameDocker {
continue
}
shoot.Spec.Provider.Workers[i].CRI.Name = gardencorev1beta1.CRINameContainerD
reasonsForUpdate = append(reasonsForUpdate, fmt.Sprintf("CRI of worker-pool %q upgraded from %q to %q. Reason: %s", worker.Name, gardencorev1beta1.CRINameDocker, gardencorev1beta1.CRINameContainerD, reason))
}

return reasonsForUpdate, nil
}
Original file line number Diff line number Diff line change
Expand Up @@ -699,6 +699,61 @@ var _ = Describe("Shoot Maintenance", func() {
Expect(shoot.Spec.Kubernetes.Version).To(Equal("1.1.2"))
})
})

Describe("#UpdateToContainerd", func() {
var (
shoot *gardencorev1beta1.Shoot
)

BeforeEach(func() {
shoot = &gardencorev1beta1.Shoot{
ObjectMeta: metav1.ObjectMeta{
Name: "shoot",
},
Spec: gardencorev1beta1.ShootSpec{
Kubernetes: gardencorev1beta1.Kubernetes{
Version: "1.23.16",
},
Maintenance: &gardencorev1beta1.Maintenance{
AutoUpdate: &gardencorev1beta1.MaintenanceAutoUpdate{
MachineImageVersion: pointer.Bool(true),
},
},
Provider: gardencorev1beta1.Provider{Workers: []gardencorev1beta1.Worker{
{
Name: "cpu-worker",
},
{
Name: "cpu-worker2",
},
}},
},
}
})

It("should not change anything if CRI is not set", func() {
_, err := updateToContainerd(shoot, "foobar")
Expect(err).NotTo(HaveOccurred())
Expect(shoot.Spec.Provider.Workers[0].CRI).To(BeNil())
Expect(shoot.Spec.Provider.Workers[1].CRI).To(BeNil())
})

It("should change docker to containerd", func() {
shoot.Spec.Provider.Workers[1].CRI = &gardencorev1beta1.CRI{Name: "docker"}
_, err := updateToContainerd(shoot, "foobar")
Expect(err).NotTo(HaveOccurred())
Expect(shoot.Spec.Provider.Workers[1].CRI.Name).To(Equal(gardencorev1beta1.CRINameContainerD))
Expect(shoot.Spec.Provider.Workers[0].CRI).To(BeNil())
})

It("should keep containerd if it is already set", func() {
shoot.Spec.Provider.Workers[0].CRI = &gardencorev1beta1.CRI{Name: "containerd"}
_, err := updateToContainerd(shoot, "foobar")
Expect(err).NotTo(HaveOccurred())
Expect(shoot.Spec.Provider.Workers[0].CRI.Name).To(Equal(gardencorev1beta1.CRINameContainerD))
Expect(shoot.Spec.Provider.Workers[1].CRI).To(BeNil())
})
})
})

func assertWorkerMachineImageVersion(worker *gardencorev1beta1.Worker, imageName string, imageVersion string) {
Expand Down

0 comments on commit 617075f

Please sign in to comment.