Kops Change Management
I am a big fan of using kops for deploying Kubernetes clusters and, more importantly, maintaining a cluster throughout its lifecycle. Cluster creation is probably less than 10% of all the activities you will do with a cluster. The majority of the time is spent updating the cluster versions and changing different settings to meet your needs as you evolve with the cluster.
This is why being able to make changes to a cluster safely should be a very big part of any tool you use for deploying and maintaining Kubernetes clusters. Kubernetes clusters are very complex!
This is one of the big reasons why I love the kops tool so much. Not only does it allow me to bring up a cluster with the options I want, but it also allows me to update it in a very safe manner, and it tells me what is about to be applied to the cluster.
Here is the example that inspired this post. It is not so much about what I am changing here (which I will go through) but more about what the tool told me would happen.
Here is the scenario and what I wanted to change. We have two regions with non-overlapping IPs (yeah we thought ahead =) ) that we want to VPC peer together so that they can reach each other.
So great, we peered them and set up the routes, but traffic couldn’t get from one to the other.
With a little bit of troubleshooting we found out that the `docker0` interface was using the same IP CIDR range as the peered VPC =(. So either change the VPC CIDR or the `docker0` CIDR. We chose to change the `docker0` CIDR.
Looking around in kops we found the option to change it but it wasn’t very well documented. The best we found was this: https://github.com/kubernetes/kops/issues/5336
So we gave it a try, adding this section to our kops cluster config:

```yaml
docker:
  bridgeIP: 172.26.0.0/16
  logDriver: json-file
```
Then we ran: `kops update cluster my-cluster`
```
...
...
Will modify resources:
LaunchConfiguration/infrastructure-zone-a.dev.us-east-1.k8s.local
UserData
...
cloudConfig: null
docker:
+ bridgeIP: 172.26.0.0/16
ipMasq: false
ipTables: false
logDriver: json-file
logLevel: warn
- logOpt:
- - max-size=10m
- - max-file=5
storage: overlay2,overlay,aufs
version: 17.03.2
...
...
...
```
This is showing me that adding this option actually removes a few entries, the ones with the minus sign on the left:

```
- logOpt:
- - max-size=10m
- - max-file=5
```

Yikes…I don’t think we want to remove entries.
So we updated the config to include those:

```yaml
docker:
  bridgeIP: 172.26.0.0/16
  logDriver: json-file
  logOpt:
  - max-size=10m
  - max-file=5
```
Then ran `kops update cluster my-cluster` again:
```
...
...
LaunchConfiguration/on-demand-zone-a.dev.us-east-1.k8s.local
UserData
...
cloudConfig: null
docker:
+ bridgeIP: 172.26.0.0/16
ipMasq: false
ipTables: false
...
...
...
```
Which gave us one change: adding the `bridgeIP` param.
I find this awesome! It is very expressive about what config is changing, and it displays it in my output in a clear and concise manner.
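The manual review above can also be turned into an automated gate. The following Python sketch is an added example, not part of the original post or of kops: it reads the preview text and lists every line marked for removal, so a pipeline can stop before anyone applies the change with `--yes`. The function name, the sample's indentation, and the `Kind/name` header pattern are assumptions based on the output quoted above.

```python
import re
import sys

# Constructed sample: abridged from the first preview quoted in this post. Its
# indentation is assumed: markers share one column, unchanged lines sit deeper.
SAMPLE = """\
Will modify resources:
  LaunchConfiguration/infrastructure-zone-a.dev.us-east-1.k8s.local
    UserData
      ...
        docker:
      +   bridgeIP: 172.26.0.0/16
          ipMasq: false
      -   logOpt:
      -   - max-size=10m
      -   - max-file=5
      ...
"""

RESOURCE = re.compile(r"^\s+[A-Za-z]+/\S+$")  # assumed header shape: Kind/name

def preview_changes(text):
    """Map each resource in a preview to its added and removed lines."""
    blocks, current = {}, None
    for line in text.expandtabs(8).splitlines():
        if not line.strip() or line.strip().isidentifier():
            continue  # blank line, or a bare field name such as UserData
        if RESOURCE.match(line):
            current = blocks.setdefault(line.strip(), [])
        elif line[0] != " ":
            current = None  # unindented text ends the resource block
        elif current is not None:
            current.append(line)
    result = {}
    for name, body in blocks.items():
        # Markers sit at the shallowest indentation of the block, so a YAML list
        # item in unchanged context ("    - item") is not read as a removal.
        col = min(len(ln) - len(ln.lstrip()) for ln in body) if body else 0
        result[name] = {
            "added": [ln[col + 2:].strip() for ln in body if ln[col:col + 2] == "+ "],
            "removed": [ln[col + 2:].strip() for ln in body if ln[col:col + 2] == "- "],
        }
    return result

if __name__ == "__main__":  # usage: kops update cluster my-cluster | python this_file.py
    found = preview_changes(sys.stdin.read())
    lost = [(n, i) for n, c in found.items() for i in c["removed"]]
    sys.stdout.writelines(f"REMOVED in {n}: {i}\n" for n, i in lost)
    sys.exit(1 if lost else 0)
```

The script exits non-zero when any removal is present, which is enough for a CI step to fail and force a human to look at the preview.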