search

bottlerocket-os / bottlerocket-update-operator

A Kubernetes operator for automated updates to Bottlerocket
Other
179 stars 41 forks source link

Update dependencies #602

Closed yeazelm closed 8 months ago

yeazelm commented 8 months ago

Description of changes: Updates dependencies to resolve several dependabot PRs along with moving code to compatible implementations for new opentelemetry changes.

actix-web-opentelemetry to 0.17
k8s-openapi to 0.21
kube to 0.85
opentelemetry to 0.22
opentelemetry_sdk to 0.22
opentelemetry-prometheus to 0.15

Used https://kube.rs/upgrading/ to ensure the dependencies work together.

Testing done:

Ran integ tests and validated that Prometheus can see the upgrade metrics still.

$ cargo run --bin integ integration-test --cluster-name brupop27 --region us-west-2 --bottlerocket-version 1.19.0  --nodegroup-name brupop
    Finished dev [unoptimized + debuginfo] target(s) in 0.16s
     Running `target/debug/integ integration-test --cluster-name brupop27 --region us-west-2 --bottlerocket-version 1.19.0 --nodegroup-name brupop`
[2024-03-16T19:00:57Z INFO  aws_config::meta::region] load_region; provider=Some(Region("us-west-2"))
[2024-03-16T19:00:57Z INFO  tracing::span] lazy_load_credentials;
[2024-03-16T19:00:57Z INFO  aws_credential_types::cache::lazy_caching] credentials cache miss occurred; added new AWS credentials (took Ok(58.948µs))
[2024-03-16T19:00:58Z INFO  tracing::span] lazy_load_credentials;
[2024-03-16T19:00:58Z INFO  aws_credential_types::cache::lazy_caching] credentials cache miss occurred; added new AWS credentials (took Ok(94.601µs))
[2024-03-16T19:00:58Z INFO  tracing::span] lazy_load_credentials;
[2024-03-16T19:00:58Z INFO  aws_credential_types::cache::lazy_caching] credentials cache miss occurred; added new AWS credentials (took Ok(110.054µs))
[2024-03-16T19:00:59Z INFO  integ] decoding and writing kubeconfig ...
2024-03-16 19:01:00 [✔]  saved kubeconfig as "/tmp/brupop27-us-west-2/kubeconfig.yaml"
[2024-03-16T19:01:00Z INFO  integ] kubeconfig has been written and store at "/tmp/brupop27-us-west-2/kubeconfig.yaml"
[2024-03-16T19:01:00Z INFO  integ] Creating EC2 instances via nodegroup ...
[2024-03-16T19:01:00Z INFO  aws_config::meta::region] load_region; provider=Some(Region("us-west-2"))
[2024-03-16T19:01:00Z INFO  tracing::span] lazy_load_credentials;
[2024-03-16T19:01:00Z INFO  aws_credential_types::cache::lazy_caching] credentials cache miss occurred; added new AWS credentials (took Ok(42.823µs))
[2024-03-16T19:01:00Z INFO  tracing::span] lazy_load_credentials;
[2024-03-16T19:01:00Z INFO  aws_credential_types::cache::lazy_caching] credentials cache miss occurred; added new AWS credentials (took Ok(87.247µs))
[2024-03-16T19:01:00Z INFO  tracing::span] lazy_load_credentials;
[2024-03-16T19:01:00Z INFO  aws_credential_types::cache::lazy_caching] credentials cache miss occurred; added new AWS credentials (took Ok(85.953µs))
[2024-03-16T19:01:01Z INFO  tracing::span] lazy_load_credentials;
[2024-03-16T19:01:01Z INFO  aws_credential_types::cache::lazy_caching] credentials cache miss occurred; added new AWS credentials (took Ok(218.437µs))
[2024-03-16T19:04:08Z INFO  integ] EC2 instances/nodegroup have been created
[2024-03-16T19:04:08Z INFO  integ] creating pods(statefulset pods, stateless pods, and pods with PodDisruptionBudgets) ...

service/nginx created
statefulset.apps/web-test created
deployment.apps/nginx-test created
poddisruptionbudget.policy/pod-disruption-budget-test created
[2024-03-16T19:04:09Z INFO  integ] Running cert-manager on existing EKS cluster ...
namespace/cert-manager created
customresourcedefinition.apiextensions.k8s.io/certificaterequests.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/certificates.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/challenges.acme.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/clusterissuers.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/issuers.cert-manager.io created
customresourcedefinition.apiextensions.k8s.io/orders.acme.cert-manager.io created
serviceaccount/cert-manager-cainjector created
serviceaccount/cert-manager created
serviceaccount/cert-manager-webhook created
configmap/cert-manager-webhook created
clusterrole.rbac.authorization.k8s.io/cert-manager-cainjector created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-issuers created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-clusterissuers created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-certificates created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-orders created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-challenges created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-ingress-shim created
clusterrole.rbac.authorization.k8s.io/cert-manager-view created
clusterrole.rbac.authorization.k8s.io/cert-manager-edit created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-approve:cert-manager-io created
clusterrole.rbac.authorization.k8s.io/cert-manager-controller-certificatesigningrequests created
clusterrole.rbac.authorization.k8s.io/cert-manager-webhook:subjectaccessreviews created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-cainjector created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-issuers created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-clusterissuers created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-certificates created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-orders created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-challenges created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-ingress-shim created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-approve:cert-manager-io created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-controller-certificatesigningrequests created
clusterrolebinding.rbac.authorization.k8s.io/cert-manager-webhook:subjectaccessreviews created
role.rbac.authorization.k8s.io/cert-manager-cainjector:leaderelection created
role.rbac.authorization.k8s.io/cert-manager:leaderelection created
role.rbac.authorization.k8s.io/cert-manager-webhook:dynamic-serving created
rolebinding.rbac.authorization.k8s.io/cert-manager-cainjector:leaderelection created
rolebinding.rbac.authorization.k8s.io/cert-manager:leaderelection created
rolebinding.rbac.authorization.k8s.io/cert-manager-webhook:dynamic-serving created
service/cert-manager created
service/cert-manager-webhook created
deployment.apps/cert-manager-cainjector created
deployment.apps/cert-manager created
deployment.apps/cert-manager-webhook created
mutatingwebhookconfiguration.admissionregistration.k8s.io/cert-manager-webhook created
validatingwebhookconfiguration.admissionregistration.k8s.io/cert-manager-webhook created
[2024-03-16T19:05:42Z INFO  integ] Running brupop on existing EKS cluster ...
namespace/brupop-bottlerocket-aws created
customresourcedefinition.apiextensions.k8s.io/bottlerocketshadows.brupop.bottlerocket.aws created
serviceaccount/brupop-agent-service-account created
serviceaccount/brupop-apiserver-service-account created
serviceaccount/brupop-controller-service-account created
clusterrole.rbac.authorization.k8s.io/brupop-agent-role created
clusterrole.rbac.authorization.k8s.io/brupop-apiserver-role created
clusterrole.rbac.authorization.k8s.io/brupop-controller-role created
clusterrolebinding.rbac.authorization.k8s.io/brupop-agent-role-binding created
clusterrolebinding.rbac.authorization.k8s.io/brupop-apiserver-auth-delegator-role-binding created
clusterrolebinding.rbac.authorization.k8s.io/brupop-apiserver-role-binding created
clusterrolebinding.rbac.authorization.k8s.io/brupop-controller-role-binding created
service/brupop-apiserver created
service/brupop-controller-server created
daemonset.apps/brupop-agent created
deployment.apps/brupop-apiserver created
deployment.apps/brupop-controller-deployment created
certificate.cert-manager.io/brupop-apiserver-client-certificate created
certificate.cert-manager.io/brupop-apiserver-certificate created
certificate.cert-manager.io/brupop-selfsigned-ca created
issuer.cert-manager.io/brupop-root-certificate-issuer created
issuer.cert-manager.io/selfsigned-issuer created
priorityclass.scheduling.k8s.io/brupop-controller-high-priority created

$ cargo run --bin integ monitor --cluster-name brupop27 --region us-west-2

[2024-03-18T17:49:44Z INFO  integ] monitoring brupop
brs: "brs-ip-192-168-136-95.us-west-2.compute.internal"      current_version: "1.19.0"       current_state: Idle
brs: "brs-ip-192-168-147-125.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
brs: "brs-ip-192-168-159-14.us-west-2.compute.internal"      current_version: "1.19.0"       current_state: Idle
[Not ready] keep monitoring!
brs: "brs-ip-192-168-136-95.us-west-2.compute.internal"      current_version: "1.19.0"       current_state: Idle
brs: "brs-ip-192-168-147-125.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
brs: "brs-ip-192-168-159-14.us-west-2.compute.internal"      current_version: "1.19.0"       current_state: Idle
[Not ready] keep monitoring!
brs: "brs-ip-192-168-136-95.us-west-2.compute.internal"      current_version: "1.19.0"       current_state: Idle
brs: "brs-ip-192-168-147-125.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
brs: "brs-ip-192-168-159-14.us-west-2.compute.internal"      current_version: "1.19.0"       current_state: Idle
[Not ready] keep monitoring!
brs: "brs-ip-192-168-136-95.us-west-2.compute.internal"      current_version: "1.19.0"       current_state: Idle
brs: "brs-ip-192-168-147-125.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
brs: "brs-ip-192-168-159-14.us-west-2.compute.internal"      current_version: "1.19.0"       current_state: StagedAndPerformedUpdate
[Not ready] keep monitoring!
brs: "brs-ip-192-168-136-95.us-west-2.compute.internal"      current_version: "1.19.0"       current_state: Idle
brs: "brs-ip-192-168-147-125.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
brs: "brs-ip-192-168-159-14.us-west-2.compute.internal"      current_version: "1.19.0"       current_state: StagedAndPerformedUpdate
[Not ready] keep monitoring!
brs: "brs-ip-192-168-136-95.us-west-2.compute.internal"      current_version: "1.19.0"       current_state: Idle
brs: "brs-ip-192-168-147-125.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
brs: "brs-ip-192-168-159-14.us-west-2.compute.internal"      current_version: "1.19.0"       current_state: StagedAndPerformedUpdate
[Not ready] keep monitoring!
brs: "brs-ip-192-168-136-95.us-west-2.compute.internal"      current_version: "1.19.0"       current_state: Idle
brs: "brs-ip-192-168-147-125.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
brs: "brs-ip-192-168-159-14.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
[Not ready] keep monitoring!
brs: "brs-ip-192-168-136-95.us-west-2.compute.internal"      current_version: "1.19.0"       current_state: Idle
brs: "brs-ip-192-168-147-125.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
brs: "brs-ip-192-168-159-14.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
[Not ready] keep monitoring!
brs: "brs-ip-192-168-136-95.us-west-2.compute.internal"      current_version: "1.19.0"       current_state: Idle
brs: "brs-ip-192-168-147-125.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
brs: "brs-ip-192-168-159-14.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
[Not ready] keep monitoring!
brs: "brs-ip-192-168-136-95.us-west-2.compute.internal"      current_version: "1.19.0"       current_state: StagedAndPerformedUpdate
brs: "brs-ip-192-168-147-125.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
brs: "brs-ip-192-168-159-14.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
[Not ready] keep monitoring!
brs: "brs-ip-192-168-136-95.us-west-2.compute.internal"      current_version: "1.19.0"       current_state: StagedAndPerformedUpdate
brs: "brs-ip-192-168-147-125.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
brs: "brs-ip-192-168-159-14.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
[Not ready] keep monitoring!
brs: "brs-ip-192-168-136-95.us-west-2.compute.internal"      current_version: "1.19.0"       current_state: StagedAndPerformedUpdate
brs: "brs-ip-192-168-147-125.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
brs: "brs-ip-192-168-159-14.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
[Not ready] keep monitoring!
brs: "brs-ip-192-168-136-95.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
brs: "brs-ip-192-168-147-125.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
brs: "brs-ip-192-168-159-14.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
[Complete]: All nodes have been successfully updated to latest version!

$ cargo run --bin integ monitor --cluster-name brupop27 --region us-west-2
    Finished dev [unoptimized + debuginfo] target(s) in 0.17s
     Running `target/debug/integ monitor --cluster-name brupop27 --region us-west-2`
[2024-03-16T19:41:09Z INFO  aws_config::meta::region] load_region; provider=Some(Region("us-west-2"))
[2024-03-16T19:41:10Z INFO  tracing::span] lazy_load_credentials;
[2024-03-16T19:41:10Z INFO  aws_credential_types::cache::lazy_caching] credentials cache miss occurred; added new AWS credentials (took Ok(52.064µs))
[2024-03-16T19:41:10Z INFO  tracing::span] lazy_load_credentials;
[2024-03-16T19:41:10Z INFO  aws_credential_types::cache::lazy_caching] credentials cache miss occurred; added new AWS credentials (took Ok(97.123µs))
[2024-03-16T19:41:11Z INFO  tracing::span] lazy_load_credentials;
[2024-03-16T19:41:11Z INFO  aws_credential_types::cache::lazy_caching] credentials cache miss occurred; added new AWS credentials (took Ok(117.511µs))
[2024-03-16T19:41:13Z INFO  integ] monitoring brupop
brs: "brs-ip-192-168-149-125.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
brs: "brs-ip-192-168-150-232.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle
brs: "brs-ip-192-168-152-25.us-west-2.compute.internal"      current_version: "1.19.2"       current_state: Idle

Terms of contribution:

By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.

yeazelm commented 8 months ago

Updated the commits to include apiserver by attaching the resource to the provider with .with_resource(Resource::new([KeyValue::new("service.name", "apiserver")])) and put the tokio feature into the opentelemetry_sdk. I also cleaned up a few more warnings that were bugging me and re-ran the integration tests.