buroa/system-upgrade-controller

 
 


System Upgrade Controller

Upstream

This is an opinionated fork of the upstream project at https://github.com/rancher/system-upgrade-controller.

Introduction

This project aims to provide a general-purpose, Kubernetes-native upgrade controller (for nodes). It introduces a new CRD, the Plan, for defining any and all of your upgrade policies/requirements. A Plan is an outstanding intent to mutate nodes in your cluster. For up-to-date details on defining a plan please review v1/types.go.

Presentations and Recordings

April 14, 2020

CNCF Member Webinar: Declarative Host Upgrades From Within Kubernetes

March 4, 2020

Rancher Online Meetup: Automating K3s Cluster Upgrades

Considerations

This controller purports to support general-purpose node upgrades (essentially, arbitrary mutations), so it attempts minimal imposition of opinion. Our design constraints, such as they are:

  • content delivery via container image a.k.a. container command pattern
  • operator-overridable command(s)
  • a very privileged job/pod/container:
    • host IPC, NET, and PID
    • CAP_SYS_BOOT
    • host root file-system mounted at /host (read/write)
  • optional opt-in/opt-out via node labels
  • optional cordon/drain a la kubectl

Additionally, take care when defining upgrades to ensure that they are idempotent--there be dragons.
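
The privilege set in the list above is visible in a pod manifest, so it can be checked before such a pod is admitted or when auditing a namespace. The following is an added example, not code from this project: it parses a Pod manifest (JSON) and reports which of those host-level privileges it requests. The JSON keys are the standard Kubernetes Pod spec fields; the names `podSpec`, `AuditPod` and `sample` and the sample manifest are constructed for illustration, and only `spec.containers` is inspected.

```go
package main

import "encoding/json"
import "fmt"

// podSpec is the subset of the Pod spec read here (encoding/json matches keys case-insensitively).
type podSpec struct {
	HostIPC, HostNetwork, HostPID bool
	Volumes    []struct{ Name string; HostPath struct{ Path string } }
	Containers []struct {
		Name            string
		SecurityContext struct{ Capabilities struct{ Add []string } }
		VolumeMounts    []struct{ Name, MountPath string; ReadOnly bool }
	}
}

// sample is a constructed manifest carrying the privilege set listed above.
const sample = `{"spec":{"hostIPC":true,"hostNetwork":true,"hostPID":true,
 "volumes":[{"name":"host-root","hostPath":{"path":"/"}}],"containers":[{"name":"upgrade",
 "securityContext":{"capabilities":{"add":["CAP_SYS_BOOT"]}},"volumeMounts":[{"name":"host-root","mountPath":"/host"}]}]}}`

// AuditPod returns one finding per host-level privilege the manifest requests.
func AuditPod(manifest []byte) (out []string, err error) {
	var p struct{ Spec podSpec }
	if err = json.Unmarshal(manifest, &p); err != nil {
		return nil, fmt.Errorf("parse manifest: %w", err)
	}
	s := p.Spec
	add := func(hit bool, msg string) {
		if hit {
			out = append(out, msg)
		}
	}
	add(s.HostIPC || s.HostNetwork || s.HostPID, fmt.Sprintf("host namespaces: ipc=%t net=%t pid=%t", s.HostIPC, s.HostNetwork, s.HostPID))
	root := map[string]bool{} // volume names backed by the node's "/"
	for _, v := range s.Volumes {
		root[v.Name] = v.HostPath.Path == "/"
	}
	for _, c := range s.Containers {
		for _, k := range c.SecurityContext.Capabilities.Add {
			add(k == "SYS_BOOT" || k == "CAP_SYS_BOOT", c.Name+": SYS_BOOT capability")
		}
		for _, m := range c.VolumeMounts {
			add(root[m.Name] && !m.ReadOnly, c.Name+": host / mounted read/write at "+m.MountPath)
		}
	}
	return out, nil
}
func main() { fmt.Println(AuditPod([]byte(sample))) }
```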

Deploying

Take a look at kubesearch.dev for a list of Helm charts and other deployment options.

Example Plans

Using this controller with Talos and the examples below only works if node-feature-discovery is installed and configured with the system source, like so:

worker:
  config:
    core:
      sources: ["pci", "system", "usb"]

Building

go build -o bin/system-upgrade-controller

Running

Use ./bin/system-upgrade-controller.

License

Copyright (c) 2019-2022 Rancher Labs, Inc.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
