Page MenuHomePhabricator
Create Task
Maniphest T170119

Upgrade to kubernetes >=1.5
Closed, ResolvedPublic
Actions

Description

Goal description

Production currently runs kubernetes 1.4.4 alongside a few of our patches. Those are found currently in https://phabricator.wikimedia.org/diffusion/ODFM/browse/master/debian/patches/admission_controllers. We would like to upgrade to 1.5 or 1.6. Those patches are not currently used in production, but are used in labs.

Given that no production services are currently running on our kubernetes clusters it's the probably the best time to evaluate the changes from kubernetes 1.4 => 1.5 and/or 1.6, discern if our local patches can/should be forward ported or replaced and upgrade to at least 1.5

Note that Debian sid is currently providing a 1.5.5 kubernetes package but the package never made it to stretch. We may or may not want to use that package, it depends on our evaluation.

Goal result

Upgrade of our kubernetes packages for stretch-wikimedia and production and staging clusters to 1.7.4 has happened. Those clusters have been reimaged as stretch-wikimedia as a result.

Details

SubjectRepoBranchLines +/-
kubernetes: Add a few recommended admission controllersoperations/puppetproduction+6 -0
Stretch for kubernetes related boxesoperations/puppetproduction+26 -0
Bump calico debian revisionoperations/puppetproduction+2 -2
Reimage kubernetes1004, chlorine as stretchoperations/puppetproduction+4 -0
kubernetes: Refactor/add admission controllersoperations/puppetproduction+63 -79
Upgrade to kubernetes 1.7.4operations/debs/kubernetesmaster+2 M -1 M
kubelet: Remove configure-cbr0 parameteroperations/puppetproduction+1 -2
Customize query in gerrit

Related Objects
Search...

Event Timeline

akosiaris created this task.Jul 10 2017, 9:04 AM
bd808 subscribed.Jul 10 2017, 7:30 PM
yuvipanda subscribed.Jul 10 2017, 7:35 PM

Note that 1.7 landed https://kubernetes.io/docs/admin/extensible-admission-controllers/ which will allow us to remove all of our custom patches used in tools.

yuvipanda unsubscribed.Jul 10 2017, 7:35 PM
mobrovac added a project: Services (watching).Jul 11 2017, 7:35 PM
gerritbot subscribed.Aug 24 2017, 2:48 PM

Change 373554 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/debs/kubernetes@master] WIP: Upgrade to kubernetes 1.7.4

https://gerrit.wikimedia.org/r/373554

gerritbot added a project: Patch-For-Review.Aug 24 2017, 2:48 PM
Stashbot subscribed.Aug 29 2017, 8:42 AM

Mentioned in SAL (#wikimedia-operations) [2017-08-29T08:42:13Z] <akosiaris> upload kubernetes_1.7.4-1 to apt.wikimedia.org/stretch-wikimedia/main T170119

Stashbot added a comment.Aug 29 2017, 8:45 AM

Mentioned in SAL (#wikimedia-operations) [2017-08-29T08:45:40Z] <akosiaris> reprepro copy calico, calico-cni from jessie-wikimedia to stretch-wikimedia (apt.wikimedia.org) T170119

gerritbot added a comment.Aug 29 2017, 9:27 AM

Change 374511 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/puppet@production] Reimage kubernetes1004, chlorine as stretch

https://gerrit.wikimedia.org/r/374511

gerritbot added a comment.Aug 29 2017, 3:32 PM

Change 374556 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/puppet@production] kubelet: Remove configure-cbr0 parameter

https://gerrit.wikimedia.org/r/374556

gerritbot added a comment.Aug 30 2017, 9:08 AM

Change 374556 merged by Alexandros Kosiaris:
[operations/puppet@production] kubelet: Remove configure-cbr0 parameter

https://gerrit.wikimedia.org/r/374556

gerritbot added a comment.Aug 30 2017, 12:19 PM

Change 374795 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/puppet@production] kubernetes: Refactor/add admission controllers

https://gerrit.wikimedia.org/r/374795

gerritbot added a comment.Aug 31 2017, 10:40 AM

Change 374974 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/puppet@production] kubernetes: Add a few recommended admission controllers

https://gerrit.wikimedia.org/r/374974

gerritbot added a comment.Aug 31 2017, 11:49 AM

Change 373554 merged by Alexandros Kosiaris:
[operations/debs/kubernetes@master] Upgrade to kubernetes 1.7.4

https://gerrit.wikimedia.org/r/373554

gerritbot added a comment.Aug 31 2017, 11:50 AM

Change 374795 merged by Alexandros Kosiaris:
[operations/puppet@production] kubernetes: Refactor/add admission controllers

https://gerrit.wikimedia.org/r/374795

gerritbot added a comment.Aug 31 2017, 11:56 AM

Change 374511 merged by Alexandros Kosiaris:
[operations/puppet@production] Reimage kubernetes1004, chlorine as stretch

https://gerrit.wikimedia.org/r/374511

Stashbot added a comment.Aug 31 2017, 12:05 PM

Mentioned in SAL (#wikimedia-operations) [2017-08-31T12:05:06Z] <akosiaris> reimage chlorine and kubernetes1004 T170119

Stashbot added a comment.Sep 5 2017, 9:52 AM

Mentioned in SAL (#wikimedia-operations) [2017-09-05T09:52:42Z] <akosiaris> reimage kubernetes[12]00[1-4] T170119

gerritbot added a comment.Sep 5 2017, 9:55 AM

Change 375978 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/puppet@production] Bump calico debian revision

https://gerrit.wikimedia.org/r/375978

gerritbot added a comment.Sep 5 2017, 10:06 AM

Change 375978 merged by Alexandros Kosiaris:
[operations/puppet@production] Bump calico debian revision

https://gerrit.wikimedia.org/r/375978

gerritbot added a comment.Sep 5 2017, 10:41 AM

Change 375983 had a related patch set uploaded (by Alexandros Kosiaris; owner: Alexandros Kosiaris):
[operations/puppet@production] Stretch for kubernetes related boxes

https://gerrit.wikimedia.org/r/375983

gerritbot added a comment.Sep 5 2017, 10:42 AM

Change 375983 merged by Alexandros Kosiaris:
[operations/puppet@production] Stretch for kubernetes related boxes

https://gerrit.wikimedia.org/r/375983

Stashbot added a comment.Sep 5 2017, 4:08 PM

Mentioned in SAL (#wikimedia-operations) [2017-09-05T16:08:03Z] <akosiaris> reboot all kubernetes boxes T170119

akosiaris closed this task as Resolved.Sep 5 2017, 4:29 PM
akosiaris claimed this task.

Production clusters in both DCs as well as the staging cluster are now at kubernetes 1.7.4 and our patching is minimal and not related to code but mostly building and documentation. The admission controller patches present in our previous version (that's 1.4.6) have been dropped in favor of the dynamic admission controllers. Packages have been built and uploaded on stretch-wikimedia/main apt repo and the repo has been cleaned of previous versions. jessie-wikimedia kubernetes versions have not been bumped and are still at 1.4.6 in order to minimize unwanted consequences for toollabs, allowing that infrastructure to upgrade at it's own pace.

I am resolving this

akosiaris updated the task description. (Show Details)Sep 5 2017, 4:31 PM
gerritbot added a comment.Sep 8 2017, 12:36 PM

Change 374974 merged by Alexandros Kosiaris:
[operations/puppet@production] kubernetes: Add a few recommended admission controllers

https://gerrit.wikimedia.org/r/374974

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits