Convert kubernetes-apps to use kubectl directly #11700

Open
wants to merge 7 commits into
base: master

@VannTen (Contributor) commented Nov 9, 2024

What type of PR is this?
/kind design

What this PR does / why we need it:
This designs an alternative to the custom kube module for applying manifests, by combining the 'template' lookup plugin with
the stdin argument of the command module, and converts the manifests under roles/kubernetes-apps/ansible to make use of it.

See first commit for the rationale of that method.

The idea would be to deprecate the kube module and transition existing manifests to this method.
Since there are a lot of manifests, there is no need to do everything at once; PRs in smaller chunks might be easier to review.

One of the end goals is to enable server-side apply for CoreDNS (which is converted as part of this PR) to have a proper fix for #10860 and reapply #10617.
This is not done as part of this PR to keep it refactoring only (no behavior change) but will be in a separate one.

Special notes for your reviewer:
Apart from the first commit, this is mostly conversion commits.

Does this PR introduce a user-facing change?:

NONE

/label tide/merge-method-merge

@k8s-ci-robot k8s-ci-robot added release-note-none Denotes a PR that doesn't merit a release note. kind/design Categorizes issue or PR as related to design. tide/merge-method-merge Denotes a PR that should use a standard merge by tide when it merges. labels Nov 9, 2024
@k8s-ci-robot (Contributor) commented

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: VannTen

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Nov 9, 2024
@k8s-ci-robot k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Nov 9, 2024
@VannTen (Contributor, Author) commented Nov 9, 2024

/ok-to-test

@k8s-ci-robot k8s-ci-robot added the ok-to-test Indicates a non-member PR verified by an org member that is safe to test. label Nov 9, 2024
@VannTen VannTen force-pushed the feat/kubectl_stdin branch 3 times, most recently from 603f845 to 593c0f2 Compare November 10, 2024 10:07
This is expected to be used in the command module this way:
command:
  cmd: "{{ kubectl_apply_stdin }}"
  stdin: <... rendered manifests > -> using the 'template' lookup plugin
  in most cases.

The advantages over the kube plugin module integrated in kubespray
(which this should replace eventually):
- way easier to modify to take advantage of new features (server-side
  apply for instance)
- no need for a separate template task + checking the result (which can
  introduce problems if the first playbook run encounters an error).
Note that we're reapplying the RBAC/Sa/Config from coredns which is not
strictly necessary, but harmless, when the secondary is enabled.
Note that the AppArmor check result is no longer used since the PSP removal.
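
The pattern described in the first commit message above, written out as a full play. This is an added example, not code from the PR or from Kubespray: the value of `kubectl_apply_stdin`, the host pattern and the template name `coredns-config.yml.j2` are assumptions. The `changed_when` expression relies on `kubectl apply` printing one status line per object.

```yaml
# Added example (not the PR's code). Assumed: variable value, host pattern, template name.
- name: Apply a templated manifest through kubectl's stdin
  hosts: kube_control_plane[0]   # assumed group name; run on a single control-plane node
  gather_facts: false
  vars:
    # The page names this variable but does not show its definition; this value is assumed.
    kubectl_apply_stdin: "kubectl apply -f -"
  tasks:
    - name: Apply CoreDNS config
      ansible.builtin.command:
        # 'command' does not invoke a shell, so the manifest text is never shell-parsed.
        cmd: "{{ kubectl_apply_stdin }}"
        # Rendered by the lookup on the controller and fed to kubectl on stdin,
        # so no separate template task has to write the manifest out first.
        stdin: "{{ lookup('ansible.builtin.template', 'coredns-config.yml.j2') }}"
      register: apply_result
      # kubectl prints "<kind>/<name> created|configured|unchanged" per object;
      # report a change only if at least one object was not "unchanged".
      changed_when: >-
        apply_result.stdout_lines
        | reject('search', ' unchanged$')
        | list | length > 0

    - name: Show what kubectl reported
      ansible.builtin.debug:
        var: apply_result.stdout_lines
```

Because rendering and applying happen in one task, a failed run leaves no half-finished state between "template written" and "manifest applied" that a later run would misread as already done.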