Closed mwindower closed 3 years ago
Two questions comes in mind:
Idea for the watchdog:
/etc/metal/firewall-controller-status.yaml
---
lastversion: v0.2.0
actualversion: v0.2.0
lastreconcile: 2020-11-24:09-10.34
nextversion: v0.2.1
Maybe this is to difficult and error-prone
No second concern is howto handle a situation if the update fails for whatever reason, how do we come back to the previous known stable state.
For normal errors like download / checksum errors, the controller does a retry already.
If os.Rename
fails from the temp location of the new binary to the real location fails, we should have a backup of the old version? - this is not yet covered.
Or if we specify a broken version, all firewalls will be borked, this is my concern
This is not an auto-update to the latest version.
We would definitely update firewall-controller versions in a controlled manner... meaning setting it with cloudctl cluster update
OK, lets go for it, agreed
needs adoption in gepm, cloud-api and cloudctl