christianlight/tutor
7
0
Fork 0
mirror of https://github.com/ChristianLight/tutor.git synced 2024-06-26 00:42:35 +00:00
Code Issues Releases Activity
55582575f0
tutor/CHANGELOG-nightly.md
Florian Haas 55582575f0 fix: Stop creating immutable resource label that breaks "tutor k8s" on Tutor version changes 
Through the commonLabels directive in kustomization.yml, all resources
get a label named "app.kubernetes.io/version", which is being set to
the Tutor version at the time of initial deployment.

When the user then subsequently progresses to a new Tutor version,
Kubernetes attempts to update this label — but for Deployment,
ReplicaSet, and DaemonSet resources, this is no longer allowed as of
https://github.com/kubernetes/kubernetes/issues/50808. This causes
"tutor k8s start" (at the "kubectl apply --kustomize" step) to break
with errors such as:

Deployment.apps "redis" is invalid: spec.selector: Invalid value: v1.LabelSelector{MatchLabels:map[string]string{"app.kubernetes.io/instance":"openedx-JIONBLbtByCGUYgHgr4tDWu1", "app.kubernetes.io/managed-by":"tutor", "app.kubernetes.io/name":"redis", "app.kubernetes.io/part-of":"openedx", "app.kubernetes.io/version":"12.1.7"}, MatchExpressions:[]v1.LabelSelectorRequirement(nil)}: field is immutable

Simply removing the app.kubernetes.io/version label from
kustomization.yml will permanently fix this issue for newly created
Kubernetes deployments, which will "survive" any future Tutor version
changes thereafter.

However, *existing* production Open edX deployments will need to throw
the affected Deployments away, and re-create them.

Also, add the Tutor version as a resource annotation instead, using
the commonAnnotations directive.

See also:
https://github.com/kubernetes/client-go/issues/508
https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/commonlabels/
https://kubectl.docs.kubernetes.io/references/kustomize/kustomization/commonannotations/

Fixes #531.
2021-11-25 09:09:26 +01:00

1.5 KiB
Raw Blame History

Changelog (nightly branch)

Note: Breaking changes between versions are indicated by "💥".

  • 💥[Bugfix] No longer track the Tutor version number in resource labels (and label selectors, which breaks the update of Deployment resources), but instead do so in resource annotations.
  • [Bugfix] Make it possible for plugins to implement the "caddyfile" patch without relying on the "port" local variable.
  • 💥[Improvement] Move the Open edX forum to a dedicated plugin (#450).
  • 💥[Improvement] Get rid of the "tutor-openedx" package, which is no longer supported.
  • [Bugfix] Fix running Caddy container in k8s, which should always be the case even if ENABLE_WEB_PROXY is false.
  • 💥[Improvement] Run all services as unprivileged containers, for better security. This has multiple consequences:
    • The "openedx-dev" image is now built with tutor dev dc build lms.
    • The "smtp" service now runs the "devture/exim-relay" Docker image, which is unprivileged. Also, the default SMTP port is now 8025.
  • 💥[Feature] Get rid of the nginx container and service, which is now replaced by Caddy. this has the following consequences:
    • Patches "nginx-cms", "nginx-lms", "nginx-extra", "local-docker-compose-nginx-aliases" are replaced by "caddyfile-cms", "caddyfile-lms", "caddyfile", " local-docker-compose-caddy-aliases".
    • Patches "k8s-deployments-nginx-volume-mounts", "k8s-deployments-nginx-volumes" were obsolete and are removed.
    • The NGINX_HTTP_PORT setting is renamed to CADDY_HTTP_PORT.