latjp.blogg.se - What is kubernetes etcd

#WHAT IS KUBERNETES ETCD UPDATE#
#WHAT IS KUBERNETES ETCD UPGRADE#

But it’s not all bad: etcdhelper by OpenShift was a good starting point ( thanks to its creators!). We have been looking for ready-made tools for modifying data in etcd… and nothing has met our needs.

#WHAT IS KUBERNETES ETCD UPDATE#

The goal is to replace the 192.168.0.0/16 service subnet with 172.24.0.0/16 in the cluster deployed using kubeadm.Īs a matter of fact, we have long been tempted to investigate how Kubernetes stores its data in etcd and what can be done with this storage at all… So we just thought: “ Why don’t we update the data in etcd by replacing old subnet IPs with the new ones?”.

The cluster is managed by Kubernetes 1.16.6 (however, our steps will fit other versions, too).

We would like to make the transition as hassle-free as possible.

We would prefer to avoid having to redeploy all services in the cluster.

There are both bare metal and cloud Kubernetes clusters.Unfortunately, that does not work for everyone… Let’s have a more detailed problem definition for our case: Since I still did not find the solution, I had to reset the entire cluster with kubeadm reset and init it again. The following process has a problem: after everything configured, the pods come up with the old IP as a DNS nameserver in /etc/nf. You can find this kind of advices as well: The most common way is to recreate all services of the ClusterIP type. At the same time, we are maintaining a large number of K8s clusters that we would prefer not to redeploy from the scratch since they have many running services, stateful applications, and so on.Īt some point, we’ve asked ourselves: how do we change a subnet in the existing cluster? Searching for a solution In this case, any cluster has its own networks. We have been using different subnets for different services and pods within the same project for quite a while. In this case, all of them will have the same subnets for pods and services by default, which makes it very difficult to use services in multiple clusters simultaneously. We have several clusters ( production, stage, multiple dev clusters).And that is a recipe for disaster: home routers use the same address space, so the VPN pushes these subnets from the cluster to the client. The 192.168.*.* subnet is often used in our customers’ offices, and even more often in the home offices of developers.However, there are a couple of subtleties:

Generally, this approach works just fine. It returns the address for this service from the cluster’s service network or the address of the pod. As a result, when the client tries to connect to the .local service, the request goes to the cluster’s DNS. To do this, we announce subnets related to pods & services and push cluster’s DNS to the client. We accomplish that via a VPN inside the cluster to which the client connects. They want to be able to connect directly to a database or a service, to connect their local application to other applications within the cluster, etc.įor example, you might need to connect to the .local service from your local machine. How it all startedĪn increasing number of customers (that’s basically developers) ask us to provide access to the Kubernetes cluster in order to interact with internal services. We’ve been made to perform such a task and here’s our story: why and how we’ve done it.

#WHAT IS KUBERNETES ETCD UPGRADE#

Doing it with the etcd Operator simplifies operations and avoids common upgrade errors.Have you ever thought about a “low-level” way of changing the etcd data of your Kubernetes cluster? That is, you alter etcd-stored values without using any common Kubernetes tooling like its native CLI utilities or even API. Upgrade - Upgrading etcd without downtime is a critical but difficult task.

For example: Backup every 30 minutes and keep the last 3 backups. Users only need to specify the backup policy. Resize - Users only need to modify the size in spec and the etcd Operator will take care of deploying, destroying and/or reconfiguring cluster members.īackup - The etcd Operator performs backups automatically and transparently. The etcd Operator provides the following features:Ĭreate/Destroy - Instead of specifying tedious configuration settings for each etcd member, users only need to specify the size of the cluster. The etcd Operator installs with a single command and allows users to configure and manage the complexities of etcd using simple declarative configuration that creates, configures, and manages etcd clusters. The etcd Operator manages etcd within the Operator Framework and serves to simplify etcd cluster configuration and management. Using an Operator, which represents human operational knowledge, makes etcd easier to use on Kubernetes or a Kubernetes container platform, like Red Hat OpenShift.