diff options
| author | Valentin Rothberg <vrothberg@redhat.com> | 2022-08-30 11:17:25 +0200 |
|---|---|---|
| committer | Valentin Rothberg <vrothberg@redhat.com> | 2022-09-06 08:56:55 +0200 |
| commit | 274d34a25a3ed7b69a6e4caec07e845157048c96 (patch) | |
| tree | 614541562404a3fac4b66cb4473a4d5aa298c0fb /pkg/autoupdate/autoupdate.go | |
| parent | bdfc4df1f20b18c785c67b79369b9011303889cc (diff) | |
| download | podman-274d34a25a3ed7b69a6e4caec07e845157048c96.tar.gz podman-274d34a25a3ed7b69a6e4caec07e845157048c96.tar.bz2 podman-274d34a25a3ed7b69a6e4caec07e845157048c96.zip | |
kube play: support auto updates and rollbacks
Add auto-update support to `podman kube play`. Auto-update policies can
be configured for:
* the entire pod via the `io.containers.autoupdate` annotation
* a specific container via the `io.containers.autoupdate/$name` annotation
To make use of rollbacks, the `io.containers.sdnotify` policy should be
set to `container` such that the workload running _inside_ the container
can send the READY message via the NOTIFY_SOCKET once ready. For
further details on auto updates and rollbacks, please refer to the
specific article [1].
Since auto updates and rollbacks bases on Podman's systemd integration,
the k8s YAML must be executed in the `podman-kube@` systemd template.
For further details on how to run k8s YAML in systemd via Podman, please
refer to the specific article [2].
An examplary k8s YAML may look as follows:
```YAML
apiVersion: v1
kind: Pod
metadata:
annotations:
io.containers.autoupdate: "local"
io.containers.autoupdate/b: "registry"
labels:
app: test
name: test_pod
spec:
containers:
- command:
- top
image: alpine
name: a
- command:
- top
image: alpine
name: b
```
[1] https://www.redhat.com/sysadmin/podman-auto-updates-rollbacks
[2] https://www.redhat.com/sysadmin/kubernetes-workloads-podman-systemd
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Diffstat (limited to 'pkg/autoupdate/autoupdate.go')
| -rw-r--r-- | pkg/autoupdate/autoupdate.go | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/pkg/autoupdate/autoupdate.go b/pkg/autoupdate/autoupdate.go index 17cea6719..9cf77d135 100644 --- a/pkg/autoupdate/autoupdate.go +++ b/pkg/autoupdate/autoupdate.go @@ -188,13 +188,8 @@ func AutoUpdate(ctx context.Context, runtime *libpod.Runtime, options entities.A // updateUnit auto updates the tasks in the specified systemd unit. func (u *updater) updateUnit(ctx context.Context, unit string, tasks []*task) []error { var errors []error - // Sanity check: we'll support that in the future. - if len(tasks) != 1 { - errors = append(errors, fmt.Errorf("only 1 task per unit supported but unit %s has %d", unit, len(tasks))) - return errors - } - tasksUpdated := false + for _, task := range tasks { err := func() error { // Use an anonymous function to avoid spaghetti continue's updateAvailable, err := task.updateAvailable(ctx) @@ -255,6 +250,9 @@ func (u *updater) updateUnit(ctx context.Context, unit string, tasks []*task) [] } if err := u.restartSystemdUnit(ctx, unit); err != nil { + for _, task := range tasks { + task.status = statusFailed + } err = fmt.Errorf("restarting unit %s during rollback: %w", unit, err) errors = append(errors, err) return errors @@ -283,7 +281,16 @@ func (t *task) report() *entities.AutoUpdateReport { func (t *task) updateAvailable(ctx context.Context) (bool, error) { switch t.policy { case PolicyRegistryImage: - return t.registryUpdateAvailable(ctx) + // Errors checking for updates only should not be fatal. + // Especially on Edge systems, connection may be limited or + // there may just be a temporary downtime of the registry. + // But make sure to leave some breadcrumbs in the debug logs + // such that potential issues _can_ be analyzed if needed. + available, err := t.registryUpdateAvailable(ctx) + if err != nil { + logrus.Debugf("Error checking updates for image %s: %v (ignoring error)", t.rawImageName, err) + } + return available, nil case PolicyLocalImage: return t.localUpdateAvailable() default: |