Allow pausing machine config pools on failure (#192)

Author: bastjan

api/v1beta1/upgradejob_types.go

@@ -57,6 +57,8 @@ const (
 	UpgradeJobReasonDelaySet = "DelaySet"
 	// UpgradeJobReasonDelayReached is used to indicate that the pause delay for the upgrade of the machine config pool has expired.
 	UpgradeJobReasonDelayReached = "DelayReached"
+	// UpgradeJobReasonPausedOnFailure is used when the upgrade job paused machine config pools due to job failure.
+	UpgradeJobReasonPausedOnFailure = "PausedOnFailure"
 )
 
 // UpgradeJobSpec defines the desired state of UpgradeJob
@@ -109,6 +111,25 @@ type UpgradeJobConfig struct {
 	// MachineConfigPools defines the machine config pool specific configuration for the upgrade job
 	// +optional
 	MachineConfigPools []UpgradeJobMachineConfigPoolSpec `json:"machineConfigPools,omitempty"`
+
+	// PauseMachineConfigPoolsOnFailure allows pausing machine config pools on upgrade job failure.
+	// Allows further investigation and manual remediation by the cluster administrator.
+	// +optional
+	PauseMachineConfigPoolsOnFailure PauseMachineConfigPoolsOnFailureSpec `json:"pauseMachineConfigPoolsOnFailure"`
+}
+
+// PauseMachineConfigPoolsOnFailureSpec defines the configuration for pausing machine config pools on upgrade job failure.
+type PauseMachineConfigPoolsOnFailureSpec struct {
+	// Enabled defines whether to pause machine config pools on upgrade job failure.
+	// If true, the controller will pause machine config pools matching the selector if an upgrade job fails.
+	// Machine config pools should then be unpaused manually by the cluster administrator after the underlying issue has been resolved.
+	// Machine config pools that are already done updating or that are already paused are not affected.
+	// +optional
+	Enabled bool `json:"enabled"`
+	// Selector defines the labels to match the machine config pools to pause on failure.
+	// If empty, all machine config pools are matched.
+	// +optional
+	Selector metav1.LabelSelector `json:"selector"`
 }
 
 // UpgradeJobMachineConfigPoolSpec allows configuring the upgrade of a machine config pool

api/v1beta1/zz_generated.deepcopy.go

@@ -145,6 +145,68 @@ spec:
                                   x-kubernetes-map-type: atomic
                               type: object
                             type: array
+                          pauseMachineConfigPoolsOnFailure:
+                            description: |-
+                              PauseMachineConfigPoolsOnFailure allows pausing machine config pools on upgrade job failure.
+                              Allows further investigation and manual remediation by the cluster administrator.
+                            properties:
+                              enabled:
+                                description: |-
+                                  Enabled defines whether to pause machine config pools on upgrade job failure.
+                                  If true, the controller will pause machine config pools matching the selector if an upgrade job fails.
+                                  Machine config pools should then be unpaused manually by the cluster administrator after the underlying issue has been resolved.
+                                  Machine config pools that are already done updating or that are already paused are not affected.
+                                type: boolean
+                              selector:
+                                description: |-
+                                  Selector defines the labels to match the machine config pools to pause on failure.
+                                  If empty, all machine config pools are matched.
+                                properties:
+                                  matchExpressions:
+                                    description: matchExpressions is a list of label
+                                      selector requirements. The requirements are
+                                      ANDed.
+                                    items:
+                                      description: |-
+                                        A label selector requirement is a selector that contains values, a key, and an operator that
+                                        relates the key and values.
+                                      properties:
+                                        key:
+                                          description: key is the label key that the
+                                            selector applies to.
+                                          type: string
+                                        operator:
+                                          description: |-
+                                            operator represents a key's relationship to a set of values.
+                                            Valid operators are In, NotIn, Exists and DoesNotExist.
+                                          type: string
+                                        values:
+                                          description: |-
+                                            values is an array of string values. If the operator is In or NotIn,
+                                            the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                            the values array must be empty. This array is replaced during a strategic
+                                            merge patch.
+                                          items:
+                                            type: string
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                      required:
+                                      - key
+                                      - operator
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  matchLabels:
+                                    additionalProperties:
+                                      type: string
+                                    description: |-
+                                      matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                                      map is equivalent to an element of matchExpressions, whose key field is "key", the
+                                      operator is "In", and the values array contains only "value". The requirements are ANDed.
+                                    type: object
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
                           postUpgradeHealthChecks:
                             description: PostUpgradeHealthChecks defines the health
                               checks to be performed after the upgrade

config/crd/bases/managedupgrade.appuio.io_upgradeconfigs.yaml

@@ -117,6 +117,67 @@ spec:
                           x-kubernetes-map-type: atomic
                       type: object
                     type: array
+                  pauseMachineConfigPoolsOnFailure:
+                    description: |-
+                      PauseMachineConfigPoolsOnFailure allows pausing machine config pools on upgrade job failure.
+                      Allows further investigation and manual remediation by the cluster administrator.
+                    properties:
+                      enabled:
+                        description: |-
+                          Enabled defines whether to pause machine config pools on upgrade job failure.
+                          If true, the controller will pause machine config pools matching the selector if an upgrade job fails.
+                          Machine config pools should then be unpaused manually by the cluster administrator after the underlying issue has been resolved.
+                          Machine config pools that are already done updating or that are already paused are not affected.
+                        type: boolean
+                      selector:
+                        description: |-
+                          Selector defines the labels to match the machine config pools to pause on failure.
+                          If empty, all machine config pools are matched.
+                        properties:
+                          matchExpressions:
+                            description: matchExpressions is a list of label selector
+                              requirements. The requirements are ANDed.
+                            items:
+                              description: |-
+                                A label selector requirement is a selector that contains values, a key, and an operator that
+                                relates the key and values.
+                              properties:
+                                key:
+                                  description: key is the label key that the selector
+                                    applies to.
+                                  type: string
+                                operator:
+                                  description: |-
+                                    operator represents a key's relationship to a set of values.
+                                    Valid operators are In, NotIn, Exists and DoesNotExist.
+                                  type: string
+                                values:
+                                  description: |-
+                                    values is an array of string values. If the operator is In or NotIn,
+                                    the values array must be non-empty. If the operator is Exists or DoesNotExist,
+                                    the values array must be empty. This array is replaced during a strategic
+                                    merge patch.
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              required:
+                              - key
+                              - operator
+                              type: object
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          matchLabels:
+                            additionalProperties:
+                              type: string
+                            description: |-
+                              matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
+                              map is equivalent to an element of matchExpressions, whose key field is "key", the
+                              operator is "In", and the values array contains only "value". The requirements are ANDed.
+                            type: object
+                        type: object
+                        x-kubernetes-map-type: atomic
+                    type: object
                   postUpgradeHealthChecks:
                     description: PostUpgradeHealthChecks defines the health checks
                       to be performed after the upgrade

config/crd/bases/managedupgrade.appuio.io_upgradejobs.yaml

@@ -22,7 +22,7 @@ import (
 )
 
 //+kubebuilder:rbac:groups=config.openshift.io,resources=clusterversions,verbs=get;list;watch;update;patch
-//+kubebuilder:rbac:groups=machineconfiguration.openshift.io,resources=machineconfigpools,verbs=get;list;watch;update;patch
+//+kubebuilder:rbac:groups=machineconfiguration.openshift.io,resources=machineconfigpools,verbs=get;list;watch
 
 var clusterUpgradingDesc = prometheus.NewDesc(
 	MetricsNamespace+"_cluster_upgrading",

controllers/upgrade_information_collector.go

@@ -61,7 +61,7 @@ const (
 )
 
 //+kubebuilder:rbac:groups=config.openshift.io,resources=clusterversions,verbs=get;list;watch;update;patch
-//+kubebuilder:rbac:groups=machineconfiguration.openshift.io,resources=machineconfigpools,verbs=get;list;watch
+//+kubebuilder:rbac:groups=machineconfiguration.openshift.io,resources=machineconfigpools,verbs=get;list;watch;update;patch
 
 //+kubebuilder:rbac:groups=managedupgrade.appuio.io,resources=upgradejobs,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups=managedupgrade.appuio.io,resources=upgradejobs/status,verbs=get;update;patch
@@ -113,7 +113,12 @@ func (r *UpgradeJobReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 		// Don't execute hooks created after the job was finished.
 		_, efaerr := r.executeHooks(ctx, &uj, managedupgradev1beta1.EventFailure, noTrackingKey, eventInfoWithReason(fc.Reason), fc.LastTransitionTime.Time)
 		_, efierr := r.executeHooks(ctx, &uj, managedupgradev1beta1.EventFinish, noTrackingKey, eventInfoWithReason(fc.Reason), fc.LastTransitionTime.Time)
-		return ctrl.Result{}, multierr.Combine(efaerr, efierr, r.cleanupLock(ctx, uj))
+		return ctrl.Result{}, multierr.Combine(
+			efaerr,
+			efierr,
+			r.pauseMachinePoolsOnFailure(ctx, uj),
+			r.cleanupLock(ctx, uj),
+		)
 	}
 
 	cont, err := r.executeHooks(ctx, &uj, managedupgradev1beta1.EventCreate, noTrackingKey, eventInfoWithReason(""), time.Time{})
@@ -1106,6 +1111,53 @@ func (r *UpgradeJobReconciler) cleanupMachineConfigPools(ctx context.Context, uj
 	return multierr.Combine(errs...)
 }
 
+func (r *UpgradeJobReconciler) pauseMachinePoolsOnFailure(ctx context.Context, uj managedupgradev1beta1.UpgradeJob) error {
+	l := log.FromContext(ctx).WithName("UpgradeJobReconciler.pauseMachinePoolsOnFailure")
+
+	if !uj.Spec.PauseMachineConfigPoolsOnFailure.Enabled {
+		return nil
+	}
+	if cond := apimeta.FindStatusCondition(uj.Status.Conditions, managedupgradev1beta1.UpgradeJobConditionMachineConfigPoolsPaused); cond != nil &&
+		cond.Reason == managedupgradev1beta1.UpgradeJobReasonPausedOnFailure && cond.Status == metav1.ConditionTrue {
+		l.Info("machine config pools already paused on failure")
+		return nil
+	}
+
+	selector, err := metav1.LabelSelectorAsSelector(&uj.Spec.PauseMachineConfigPoolsOnFailure.Selector)
+	if err != nil {
+		return fmt.Errorf("failed to parse machine config pool selector: %w", err)
+	}
+	var mcpl machineconfigurationv1.MachineConfigPoolList
+	if err := r.List(ctx, &mcpl, client.MatchingLabelsSelector{Selector: selector}); err != nil {
+		return fmt.Errorf("failed to list machine config pools: %w", err)
+	}
+	var errs []error
+	for _, mcp := range mcpl.Items {
+		if mcp.Spec.Paused {
+			continue
+		}
+		if mcp.Status.MachineCount == mcp.Status.UpdatedMachineCount {
+			continue
+		}
+		l.Info("pausing machine config pool due to upgrade job failure", "pool", mcp.Name)
+		mcp.Spec.Paused = true
+		if err := r.Update(ctx, &mcp); err != nil {
+			errs = append(errs, fmt.Errorf("failed to pause machine config pool %q: %w", mcp.Name, err))
+		}
+	}
+	if changed := r.setStatusCondition(&uj.Status.Conditions, metav1.Condition{
+		Type:   managedupgradev1beta1.UpgradeJobConditionMachineConfigPoolsPaused,
+		Status: metav1.ConditionTrue,
+		Reason: managedupgradev1beta1.UpgradeJobReasonPausedOnFailure,
+	}); changed {
+		if err := r.Status().Update(ctx, &uj); err != nil {
+			errs = append(errs, fmt.Errorf("failed to update upgrade job status: %w", err))
+		}
+	}
+
+	return multierr.Combine(errs...)
+}
+
 func eventInfoWithReason(reason string) map[string]any {
 	return map[string]any{
 		"reason": reason,