ClusterClass: Allow fine-granular control of MachineDeployment upgrades

Signed-off-by: Stefan Büringer [email protected]

Author: sbueringer

api/v1beta1/common_types.go

@@ -33,6 +33,26 @@ const (
 	// to track the name of the MachineDeployment topology it represents.
 	ClusterTopologyMachineDeploymentNameLabel = "topology.cluster.x-k8s.io/deployment-name"
 
+	// ClusterTopologyHoldUpgradeSequenceAnnotation can be used to hold the entire MachineDeployment upgrade sequence.
+	// If the annotation is set on a MachineDeployment topology in Cluster.spec.topology.workers, the Kubernetes upgrade
+	// for this MachineDeployment topology and all subsequent ones is deferred.
+	// Examples:
+	// - If you want to pause upgrade after CP upgrade, this annotation should be applied to the first MachineDeployment
+	//   in the list of MachineDeployments in Cluster.spec.topology. The upgrade will not be completed until the annotation
+	//   is removed and all MachineDeployments are upgraded.
+	// - If you want to pause upgrade after the 50th MachineDeployment, this annotation should be applied to the 51st
+	//   MachineDeployment in the list.
+	ClusterTopologyHoldUpgradeSequenceAnnotation = "topology.cluster.x-k8s.io/hold-upgrade-sequence"
+
+	// ClusterTopologyDeferUpgradeAnnotation can be used to defer the Kubernetes upgrade of a single MachineDeployment topology.
+	// If the annotation is set on a MachineDeployment topology in Cluster.spec.topology.workers, the Kubernetes upgrade
+	// for this MachineDeployment topology is deferred. It doesn't affect other MachineDeployment topologies.
+	// Example:
+	// - If you want to defer the upgrades of the 3rd and 5th MachineDeployments of the list, set the annotation on them.
+	//   The upgrade process will upgrade MachineDeployment in position 1,2, (skip 3), 4, (skip 5), 6 etc. The upgrade
+	//   will not be completed until the annotation is removed and all MachineDeployments are upgraded.
+	ClusterTopologyDeferUpgradeAnnotation = "topology.cluster.x-k8s.io/defer-upgrade"
+
 	// ClusterTopologyUnsafeUpdateClassNameAnnotation can be used to disable the webhook check on
 	// update that disallows a pre-existing Cluster to be populated with Topology information and Class.
 	ClusterTopologyUnsafeUpdateClassNameAnnotation = "unsafe.topology.cluster.x-k8s.io/disable-update-class-name-check"

api/v1beta1/condition_consts.go

@@ -273,6 +273,10 @@ const (
 	// not yet completed because at least one of the MachineDeployments is not yet updated to match the desired topology spec.
 	TopologyReconciledMachineDeploymentsUpgradePendingReason = "MachineDeploymentsUpgradePending"
 
+	// TopologyReconciledMachineDeploymentsUpgradeDeferredReason (Severity=Info) documents reconciliation of a Cluster topology
+	// not yet completed because the upgrade for at least one of the MachineDeployments has been deferred.
+	TopologyReconciledMachineDeploymentsUpgradeDeferredReason = "MachineDeploymentsUpgradeDeferred"
+
 	// TopologyReconciledHookBlockingReason (Severity=Info) documents reconciliation of a Cluster topology
 	// not yet completed because at least one of the lifecycle hooks is blocking.
 	TopologyReconciledHookBlockingReason = "LifecycleHookBlocking"

docs/book/src/reference/labels_and_annotations.md

@@ -1,19 +1,19 @@
 **Supported Labels:**
 
 
-| Label                                             | Note                                                                                                                                                                                                                        |
-|:--------------------------------------------------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-| cluster.x-k8s.io/cluster-name                     | It is set on machines linked to a cluster and external objects(bootstrap and infrastructure providers).                                                                                                                     |
-| topology.cluster.x-k8s.io/owned                   | It is set on all the object which are managed as part of a ClusterTopology.                                                                                                                                                 |
-| topology.cluster.x-k8s.io/deployment-name         | It is set on the generated MachineDeployment objects to track the name of the MachineDeployment topology it represents.                                                                                                     |
-| cluster.x-k8s.io/provider                         | It is set on components in the provider manifest. The label allows one to easily identify all the components belonging to a provider. The clusterctl tool uses this label for implementing provider's lifecycle operations. |
-| cluster.x-k8s.io/watch-filter                     | It can be applied to any Cluster API object. Controllers which allow for selective reconciliation may check this label and proceed with reconciliation of the object only if this label and a configured value is present.  |
-| cluster.x-k8s.io/interruptible                    | It is used to mark the nodes that run on interruptible instances.                                                                                                                                                           |
-| cluster.x-k8s.io/control-plane                    | It is set on machines or related objects that are part of a control plane.                                                                                                                                                  |
-| cluster.x-k8s.io/set-name                         | It is set on machines if they're controlled by MachineSet. The value of this label may be a hash if the MachineSet name is longer than 63 characters.                                                                       |
-| cluster.x-k8s.io/control-plane-name               | It is set on machines if they're controlled by a contorl plane. The value of this label may be a hash if the control plane name is longer than 63 characters.                                                               |
-| cluster.x-k8s.io/deployment-name                  | It is set on machines if they're controlled by a MachineDeployment.                                                                                                                                                         |
-| machine-template-hash                             | It is applied to Machines in a MachineDeployment containing the hash of the template.                                                                                                                                       |
+| Label                                     | Note                                                                                                                                                                                                                        |
+|:------------------------------------------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| cluster.x-k8s.io/cluster-name             | It is set on machines linked to a cluster and external objects(bootstrap and infrastructure providers).                                                                                                                     |
+| topology.cluster.x-k8s.io/owned           | It is set on all the object which are managed as part of a ClusterTopology.                                                                                                                                                 |
+| topology.cluster.x-k8s.io/deployment-name | It is set on the generated MachineDeployment objects to track the name of the MachineDeployment topology it represents.                                                                                                     |
+| cluster.x-k8s.io/provider                 | It is set on components in the provider manifest. The label allows one to easily identify all the components belonging to a provider. The clusterctl tool uses this label for implementing provider's lifecycle operations. |
+| cluster.x-k8s.io/watch-filter             | It can be applied to any Cluster API object. Controllers which allow for selective reconciliation may check this label and proceed with reconciliation of the object only if this label and a configured value is present.  |
+| cluster.x-k8s.io/interruptible            | It is used to mark the nodes that run on interruptible instances.                                                                                                                                                           |
+| cluster.x-k8s.io/control-plane            | It is set on machines or related objects that are part of a control plane.                                                                                                                                                  |
+| cluster.x-k8s.io/set-name                 | It is set on machines if they're controlled by MachineSet. The value of this label may be a hash if the MachineSet name is longer than 63 characters.                                                                       |
+| cluster.x-k8s.io/control-plane-name       | It is set on machines if they're controlled by a control plane. The value of this label may be a hash if the control plane name is longer than 63 characters.                                                               |
+| cluster.x-k8s.io/deployment-name          | It is set on machines if they're controlled by a MachineDeployment.                                                                                                                                                         |
+| machine-template-hash                     | It is applied to Machines in a MachineDeployment containing the hash of the template.                                                                                                                                       |
 <br>
 
 
@@ -36,7 +36,9 @@
 | cluster.x-k8s.io/skip-remediation                                | It is used to mark the machines that should not be considered for remediation by MachineHealthCheck reconciler.                                                                                                                                                                                                                                                                                                                                                                                                                                             |
 | cluster.x-k8s.io/managed-by                                      | It can be applied to InfraCluster resources to signify that some external system is managing the cluster infrastructure. Provider InfraCluster controllers will ignore resources with this annotation. An external controller must fulfill the contract of the InfraCluster resource. External infrastructure providers should ensure that the annotation, once set, cannot be removed.                                                                                                                                                                     |
 | cluster.x-k8s.io/replicas-managed-by                             | It can be applied to MachinePool resources to signify that some external system is managing infrastructure scaling for that pool. See [the MachinePool documentation](../developer/architecture/controllers/machine-pool.md#externally-managed-autoscaler) for more details.                                                                                                                                                                                                                                                                                |
+| topology.cluster.x-k8s.io/defer-upgrade                          | It can be used to defer the Kubernetes upgrade of a single MachineDeployment topology. If the annotation is set on a MachineDeployment topology in Cluster.spec.topology.workers, the Kubernetes upgrade for this MachineDeployment topology is deferred. It doesn't affect other MachineDeployment topologies.                                                                                                                                                                                                                                             |
 | topology.cluster.x-k8s.io/dry-run                                | It is an annotation that gets set on objects by the topology controller only during a server side dry run apply operation. It is used for validating update webhooks for objects which get updated by template rotation (e.g. InfrastructureMachineTemplate). When the annotation is set and the admission request is a dry run, the webhook should deny validation due to immutability. By that the request will succeed (without any changes to the actual object because it is a dry run) and the topology controller will receive the resulting object. |
+| topology.cluster.x-k8s.io/hold-upgrade-sequence                  | It can be used to hold the entire MachineDeployment upgrade sequence. If the annotation is set on a MachineDeployment topology in Cluster.spec.topology.workers, the Kubernetes upgrade for this MachineDeployment topology and all subsequent ones is deferred.                                                                                                                                                                                                                                                                                            |
 | machine.cluster.x-k8s.io/certificates-expiry                     | It captures the expiry date of the machine certificates in RFC3339 format. It is used to trigger rollout of control plane machines before certificates expire. It can be set on BootstrapConfig and Machine objects. The value set on Machine object takes precedence. The annotation is only used by control plane machines.                                                                                                                                                                                                                               |
 | machine.cluster.x-k8s.io/exclude-node-draining                   | It explicitly skips node draining if set.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
 | machine.cluster.x-k8s.io/exclude-wait-for-node-volume-detach     | It explicitly skips the waiting for node volume detaching if set.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |

internal/controllers/topology/cluster/conditions.go

@@ -91,40 +91,52 @@ func (r *Reconciler) reconcileTopologyReconciledCondition(s *scope.Scope, cluste
 		return nil
 	}
 
-	// If either the Control Plane or any of the MachineDeployments are still pending to pick up the new version (generally
-	// happens when upgrading the cluster) then the topology is not considered as fully reconciled.
-	if s.UpgradeTracker.ControlPlane.PendingUpgrade || s.UpgradeTracker.MachineDeployments.PendingUpgrade() {
+	// The topology is not considered as fully reconciled if one of the following is true:
+	// * either the Control Plane or any of the MachineDeployments are still pending to pick up the new version
+	//  (generally happens when upgrading the cluster)
+	// * when there are MachineDeployments for which the upgrade has been deferred
+	if s.UpgradeTracker.ControlPlane.PendingUpgrade ||
+		s.UpgradeTracker.MachineDeployments.PendingUpgrade() ||
+		s.UpgradeTracker.MachineDeployments.DeferredUpgrade() {
 		msgBuilder := &strings.Builder{}
 		var reason string
-		if s.UpgradeTracker.ControlPlane.PendingUpgrade {
-			msgBuilder.WriteString(fmt.Sprintf("Control plane upgrade to %s on hold. ", s.Blueprint.Topology.Version))
+
+		switch {
+		case s.UpgradeTracker.ControlPlane.PendingUpgrade:
+			msgBuilder.WriteString(fmt.Sprintf("Control plane upgrade to %s on hold.", s.Blueprint.Topology.Version))
 			reason = clusterv1.TopologyReconciledControlPlaneUpgradePendingReason
-		} else {
-			msgBuilder.WriteString(fmt.Sprintf("MachineDeployment(s) %s upgrade to version %s on hold. ",
-				strings.Join(s.UpgradeTracker.MachineDeployments.PendingUpgradeNames(), ", "),
+		case s.UpgradeTracker.MachineDeployments.PendingUpgrade():
+			msgBuilder.WriteString(fmt.Sprintf("MachineDeployment(s) %s upgrade to version %s on hold.",
+				computeMachineDeploymentNameList(s.UpgradeTracker.MachineDeployments.PendingUpgradeNames()),
 				s.Blueprint.Topology.Version,
 			))
 			reason = clusterv1.TopologyReconciledMachineDeploymentsUpgradePendingReason
+		case s.UpgradeTracker.MachineDeployments.DeferredUpgrade():
+			msgBuilder.WriteString(fmt.Sprintf("MachineDeployment(s) %s upgrade to version %s deferred.",
+				computeMachineDeploymentNameList(s.UpgradeTracker.MachineDeployments.DeferredUpgradeNames()),
+				s.Blueprint.Topology.Version,
+			))
+			reason = clusterv1.TopologyReconciledMachineDeploymentsUpgradeDeferredReason
 		}
 
 		switch {
 		case s.UpgradeTracker.ControlPlane.IsProvisioning:
-			msgBuilder.WriteString("Control plane is completing initial provisioning")
+			msgBuilder.WriteString(" Control plane is completing initial provisioning")
 
 		case s.UpgradeTracker.ControlPlane.IsUpgrading:
 			cpVersion, err := contract.ControlPlane().Version().Get(s.Current.ControlPlane.Object)
 			if err != nil {
 				return errors.Wrap(err, "failed to get control plane spec version")
 			}
-			msgBuilder.WriteString(fmt.Sprintf("Control plane is upgrading to version %s", *cpVersion))
+			msgBuilder.WriteString(fmt.Sprintf(" Control plane is upgrading to version %s", *cpVersion))
 
 		case s.UpgradeTracker.ControlPlane.IsScaling:
-			msgBuilder.WriteString("Control plane is reconciling desired replicas")
+			msgBuilder.WriteString(" Control plane is reconciling desired replicas")
 
 		case s.Current.MachineDeployments.IsAnyRollingOut():
-			msgBuilder.WriteString(fmt.Sprintf("MachineDeployment(s) %s are rolling out", strings.Join(
-				s.UpgradeTracker.MachineDeployments.RolloutNames(), ", ",
-			)))
+			msgBuilder.WriteString(fmt.Sprintf(" MachineDeployment(s) %s are rolling out",
+				computeMachineDeploymentNameList(s.UpgradeTracker.MachineDeployments.RolloutNames()),
+			))
 		}
 
 		conditions.Set(
@@ -149,3 +161,13 @@ func (r *Reconciler) reconcileTopologyReconciledCondition(s *scope.Scope, cluste
 
 	return nil
 }
+
+// computeMachineDeploymentNameList computes the MD name list to be shown in conditions.
+// It shortens the list to at most 5 MachineDeployment names.
+func computeMachineDeploymentNameList(mdList []string) any {
+	if len(mdList) > 5 {
+		mdList = append(mdList[:5], "...")
+	}
+
+	return strings.Join(mdList, ", ")
+}