From 1345f2ee204b344b4b8c9dd4b87acbcd40c867fd Mon Sep 17 00:00:00 2001 From: Tim Ebert Date: Fri, 15 Sep 2023 11:41:51 +0200 Subject: [PATCH 1/5] Fix `update-codegen.sh` for `go1.21` tooling --- webhosting-operator/Makefile | 2 +- webhosting-operator/hack/update-codegen.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/webhosting-operator/Makefile b/webhosting-operator/Makefile index d2ee606a..864a5478 100644 --- a/webhosting-operator/Makefile +++ b/webhosting-operator/Makefile @@ -51,7 +51,7 @@ manifests: $(CONTROLLER_GEN) ## Generate WebhookConfiguration, ClusterRole and C $(CONTROLLER_GEN) rbac:roleName=operator crd paths="./..." output:rbac:artifacts:config=config/manager/rbac output:crd:artifacts:config=config/manager/crds .PHONY: generate -generate: $(CONTROLLER_GEN) ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. +generate: $(CONTROLLER_GEN) modules ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations. $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..." hack/update-codegen.sh diff --git a/webhosting-operator/hack/update-codegen.sh b/webhosting-operator/hack/update-codegen.sh index 14fba620..5819bcb4 100755 --- a/webhosting-operator/hack/update-codegen.sh +++ b/webhosting-operator/hack/update-codegen.sh @@ -29,7 +29,7 @@ EOF fi # fetch code-generator module to execute the scripts from the modcache (we don't vendor here) -CODE_GENERATOR_DIR="$(go list -tags tools -f '{{ .Dir }}' k8s.io/code-generator)" +CODE_GENERATOR_DIR="$(go list -m -tags tools -f '{{ .Dir }}' k8s.io/code-generator)" rm -f ${GOPATH}/bin/*-gen From 3de41e5a31ea177657c1ec7fdb8dbe8bc25173fa Mon Sep 17 00:00:00 2001 From: Tim Ebert Date: Fri, 15 Sep 2023 14:43:38 +0200 Subject: [PATCH 2/5] Fix skaffold deployment on kind cluster --- .../config/policy/default/kustomization.yaml | 4 ---- .../config/policy/shoot/kustomization.yaml | 1 - webhosting-operator/skaffold.yaml | 20 ++++++++----------- 3 files changed, 8 insertions(+), 17 deletions(-) delete mode 100644 webhosting-operator/config/policy/default/kustomization.yaml diff --git a/webhosting-operator/config/policy/default/kustomization.yaml b/webhosting-operator/config/policy/default/kustomization.yaml deleted file mode 100644 index e609fb24..00000000 --- a/webhosting-operator/config/policy/default/kustomization.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization - -resources: [] diff --git a/webhosting-operator/config/policy/shoot/kustomization.yaml b/webhosting-operator/config/policy/shoot/kustomization.yaml index f94da50c..50bf8242 100644 --- a/webhosting-operator/config/policy/shoot/kustomization.yaml +++ b/webhosting-operator/config/policy/shoot/kustomization.yaml @@ -2,7 +2,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization resources: -- ../default - experiment-scheduling.yaml - scale-up-worker-experiment.yaml - webhosting-operator-scheduling.yaml diff --git a/webhosting-operator/skaffold.yaml b/webhosting-operator/skaffold.yaml index 50ff0ecc..c015b65d 100644 --- a/webhosting-operator/skaffold.yaml +++ b/webhosting-operator/skaffold.yaml @@ -21,18 +21,6 @@ metadata: requires: - configs: - kyverno -manifests: - kustomize: - paths: - - config/policy/default -deploy: - kubectl: - defaultNamespace: "" - flags: - apply: - - --server-side - - --force-conflicts - statusCheck: false profiles: - name: shoot activation: @@ -41,6 +29,14 @@ profiles: kustomize: paths: - config/policy/shoot + deploy: + kubectl: + defaultNamespace: "" + flags: + apply: + - --server-side + - --force-conflicts + statusCheck: false --- apiVersion: skaffold/v4beta6 kind: Config From 2bdfde72ff1ae00fe891c23520ca47c63c62b59a Mon Sep 17 00:00:00 2001 From: Tim Ebert Date: Fri, 15 Sep 2023 14:44:27 +0200 Subject: [PATCH 3/5] Update run configs --- .../.run/{experiment.run.xml => experiment (kind).run.xml} | 5 ++++- ...ess (kind).run.xml => webhosting-operator (kind).run.xml} | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) rename webhosting-operator/.run/{experiment.run.xml => experiment (kind).run.xml} (67%) rename webhosting-operator/.run/{webhosting-operator process (kind).run.xml => webhosting-operator (kind).run.xml} (85%) diff --git a/webhosting-operator/.run/experiment.run.xml b/webhosting-operator/.run/experiment (kind).run.xml similarity index 67% rename from webhosting-operator/.run/experiment.run.xml rename to webhosting-operator/.run/experiment (kind).run.xml index dead68f1..cd85374f 100644 --- a/webhosting-operator/.run/experiment.run.xml +++ b/webhosting-operator/.run/experiment (kind).run.xml @@ -1,8 +1,11 @@ - + + + + diff --git a/webhosting-operator/.run/webhosting-operator process (kind).run.xml b/webhosting-operator/.run/webhosting-operator (kind).run.xml similarity index 85% rename from webhosting-operator/.run/webhosting-operator process (kind).run.xml rename to webhosting-operator/.run/webhosting-operator (kind).run.xml index 2deca6af..fcb34ddf 100644 --- a/webhosting-operator/.run/webhosting-operator process (kind).run.xml +++ b/webhosting-operator/.run/webhosting-operator (kind).run.xml @@ -1,5 +1,5 @@ - + From e222c9641a15060fd8cb52a7fd0a783f10a2cee9 Mon Sep 17 00:00:00 2001 From: Tim Ebert Date: Thu, 19 Oct 2023 08:24:45 +0200 Subject: [PATCH 4/5] Disable HTTP2 and scale up API server to 4 replicas --- webhosting-operator/config/experiment/base/job.yaml | 3 +++ webhosting-operator/config/manager/default/manager.yaml | 3 +++ .../config/policy/controlplane/kube-apiserver-scale.yaml | 2 +- .../config/policy/controlplane/kube-apiserver.yaml | 2 +- .../tests/kube-apiserver-scale-awake/kyverno-test.yaml | 2 +- .../tests/kube-apiserver-scale-awake/scale_expected.yaml | 2 +- .../tests/kube-apiserver/kube-apiserver-awake_expected.yaml | 2 +- .../tests/kube-apiserver/kube-apiserver-null_expected.yaml | 2 +- .../controlplane/tests/kube-apiserver/kyverno-test.yaml | 4 ++-- 9 files changed, 14 insertions(+), 8 deletions(-) diff --git a/webhosting-operator/config/experiment/base/job.yaml b/webhosting-operator/config/experiment/base/job.yaml index 03ee2325..d3863c62 100644 --- a/webhosting-operator/config/experiment/base/job.yaml +++ b/webhosting-operator/config/experiment/base/job.yaml @@ -14,6 +14,9 @@ spec: image: experiment:latest args: - --zap-log-level=info + env: + - name: DISABLE_HTTP2 + value: "true" ports: - name: metrics containerPort: 8080 diff --git a/webhosting-operator/config/manager/default/manager.yaml b/webhosting-operator/config/manager/default/manager.yaml index e355f4a1..8bfd11e3 100644 --- a/webhosting-operator/config/manager/default/manager.yaml +++ b/webhosting-operator/config/manager/default/manager.yaml @@ -18,6 +18,9 @@ spec: image: controller:latest args: - --zap-log-level=info + env: + - name: DISABLE_HTTP2 + value: "true" ports: - name: metrics containerPort: 8080 diff --git a/webhosting-operator/config/policy/controlplane/kube-apiserver-scale.yaml b/webhosting-operator/config/policy/controlplane/kube-apiserver-scale.yaml index fe8eda77..7468ff71 100644 --- a/webhosting-operator/config/policy/controlplane/kube-apiserver-scale.yaml +++ b/webhosting-operator/config/policy/controlplane/kube-apiserver-scale.yaml @@ -28,4 +28,4 @@ spec: mutate: patchStrategicMerge: spec: - replicas: 1 + replicas: 4 diff --git a/webhosting-operator/config/policy/controlplane/kube-apiserver.yaml b/webhosting-operator/config/policy/controlplane/kube-apiserver.yaml index f74ab6a3..cd98ea64 100644 --- a/webhosting-operator/config/policy/controlplane/kube-apiserver.yaml +++ b/webhosting-operator/config/policy/controlplane/kube-apiserver.yaml @@ -29,7 +29,7 @@ spec: mutate: patchStrategicMerge: spec: - replicas: 1 + replicas: 4 # set static requests/limits on kube-apiserver to ensure similar evaluation environment between load test runs - name: resources match: diff --git a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver-scale-awake/kyverno-test.yaml b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver-scale-awake/kyverno-test.yaml index 92042fe1..bec2c941 100644 --- a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver-scale-awake/kyverno-test.yaml +++ b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver-scale-awake/kyverno-test.yaml @@ -2,7 +2,7 @@ name: kube-apiserver-scale-awake policies: - ../../kube-apiserver-scale.yaml resources: -# spec.replicas=2 -> expect spec.replicas=1 +# spec.replicas=2 -> expect spec.replicas=4 - scale.yaml variables: variables.yaml results: diff --git a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver-scale-awake/scale_expected.yaml b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver-scale-awake/scale_expected.yaml index 9a8da48c..817f8bb9 100644 --- a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver-scale-awake/scale_expected.yaml +++ b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver-scale-awake/scale_expected.yaml @@ -4,4 +4,4 @@ metadata: name: kube-apiserver namespace: shoot--timebertt--sharding spec: - replicas: 1 + replicas: 4 diff --git a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kube-apiserver-awake_expected.yaml b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kube-apiserver-awake_expected.yaml index 07c91f7b..86097fee 100644 --- a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kube-apiserver-awake_expected.yaml +++ b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kube-apiserver-awake_expected.yaml @@ -7,7 +7,7 @@ metadata: name: kube-apiserver-awake namespace: shoot--timebertt--sharding spec: - replicas: 1 + replicas: 4 template: spec: containers: diff --git a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kube-apiserver-null_expected.yaml b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kube-apiserver-null_expected.yaml index 0901cc6a..b61d5fa1 100644 --- a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kube-apiserver-null_expected.yaml +++ b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kube-apiserver-null_expected.yaml @@ -7,7 +7,7 @@ metadata: name: kube-apiserver-null namespace: shoot--timebertt--sharding spec: - replicas: 1 + replicas: 4 template: spec: containers: diff --git a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kyverno-test.yaml b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kyverno-test.yaml index 0185af6a..7aec544b 100644 --- a/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kyverno-test.yaml +++ b/webhosting-operator/config/policy/controlplane/tests/kube-apiserver/kyverno-test.yaml @@ -2,9 +2,9 @@ name: kube-apiserver policies: - ../../kube-apiserver.yaml resources: -# spec.replicas=2 -> expect spec.replicas=1 +# spec.replicas=2 -> expect spec.replicas=4 - kube-apiserver-awake.yaml -# spec.replicas=null -> expect spec.replicas=1 +# spec.replicas=null -> expect spec.replicas=4 - kube-apiserver-null.yaml # spec.replicas=0 -> expect skip - kube-apiserver-hibernated.yaml From 410370d4ccd5e88d36a55ffa89f3f027c22d1187 Mon Sep 17 00:00:00 2001 From: Tim Ebert Date: Thu, 19 Oct 2023 09:39:02 +0200 Subject: [PATCH 5/5] Move to new environment, upgrade to kubernetes 1.26 --- webhosting-operator/config/external-dns/patch-deployment.yaml | 2 +- webhosting-operator/shoot.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/webhosting-operator/config/external-dns/patch-deployment.yaml b/webhosting-operator/config/external-dns/patch-deployment.yaml index 5d2aa40d..359d1fd7 100644 --- a/webhosting-operator/config/external-dns/patch-deployment.yaml +++ b/webhosting-operator/config/external-dns/patch-deployment.yaml @@ -18,7 +18,7 @@ spec: - --google-zone-visibility=public - --policy=sync - --registry=txt - - --txt-owner-id=shoot--timebertt--sharding-0e61b9e9-b7ce-4a71-a502-89f366015617-ond-460a37 + - --txt-owner-id=shoot--timebertt--sharding-d657103c-eb4f-4a02-9af3-8ee7dc8d6e12-ond-82dc04 - --interval=1m # ensure the records are not owned by short-lived acme solvers managed by cert-manager or website ingresses - --label-filter=acme.cert-manager.io/http01-solver!=true,app!=website diff --git a/webhosting-operator/shoot.yaml b/webhosting-operator/shoot.yaml index c9d79fd8..43dfaab2 100644 --- a/webhosting-operator/shoot.yaml +++ b/webhosting-operator/shoot.yaml @@ -18,7 +18,7 @@ spec: nodeCIDRMaskSize: 20 kubeProxy: mode: IPTables - version: "1.25" + version: "1.26" verticalPodAutoscaler: enabled: true maintenance: