We currently import relevant .deb pkgs into reprepro. But we don't have strict controls on what's installed into VMs.
Right now, if you upgrade, for example, kubeadm in the repo, VMs would probably update it by means of unattended-upgrades. Which will mess future upgrades.
Same affects other key packages, like kubelet, kubectl, etc.
We need to introduce more robust controls for this. Probably simple apt-pinning configuration should be enough.
| Project | Branch | Lines +/- | Subject | |
|---|---|---|---|---|
| operations/puppet | production | +32 -0 | toolforge: new k8s: introduce apt pinning configurations |
| Status | Subtype | Assigned | Task | ||
|---|---|---|---|---|---|
| Restricted Task | |||||
| Resolved | Bstorm | T246122 Upgrade the Toolforge Kubernetes cluster to v1.16 | |||
| Restricted Task | |||||
| Resolved | bd808 | T232536 Toolforge Kubernetes internal API down, causing `webservice` and other tooling to fail | |||
| Resolved | Bstorm | T236565 "tools" Cloud VPS project jessie deprecation | |||
| Resolved | aborrero | T101651 Set up toolsbeta more fully to help make testing easier | |||
| Resolved | Bstorm | T166949 Homedir/UID info breaks after a while in Tools Kubernetes (can't read replica.my.cnf) | |||
| Resolved | Bstorm | T246059 Add admin account creation to maintain-kubeusers | |||
| Resolved | Bstorm | T154504 Make webservice backend default to kubernetes | |||
| Declined | None | T245230 Investigate cpu/ram requests and limits for DaemonSets pods | |||
| Resolved | Bstorm | T214513 Deploy and migrate tools to a Kubernetes v1.15 or newer cluster | |||
| Resolved | aborrero | T239409 toolforge: new k8s: introduce more robust controls for deb pkg versions |
Change 554076 had a related patch set uploaded (by Arturo Borrero Gonzalez; owner: Arturo Borrero Gonzalez):
[operations/puppet@production] toolforge: new k8s: introduce apt pinning configurations
Change 554076 merged by Arturo Borrero Gonzalez:
[operations/puppet@production] toolforge: new k8s: introduce apt pinning configurations