-
Notifications
You must be signed in to change notification settings - Fork 1.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Define proxy version override annotation #2593
Conversation
Integration test results for 0fe5ea6: success 🎉 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The code lgtm, and works as expected when I set config.linkerd.io/linkerd-version
on the pod template:
template:
metadata:
annotations:
linkerd.io/proxy-version: git-0fe5ea67
config.linkerd.io/linkerd-version: edge-19.3.3
I'd like to understand a bit better your comment:
Assumption: The config.linkerd.io/linkerd-version and linkerd.io/proxy-version use the same overridden value.
...and related, what's the interaction between linkerd.io/proxy-version
and config.linkerd.io/linkerd-version
? Does the latter always override the former?
@siggy I assume in your test, you added the annotation to an existing workload? If I use
I am not 100% sure if that's the desired behaviour. I guess it really boils down to the purpose of these annotations. I am inclined to make
Yes, the function that is used to build the image name uses |
I think it can be a bit confusing for users to have both annotations. Let me know what you think of the following, making room for upgrade policy handling that we've alluded at some point in the past: Leaving
|
@alpeb I like the idea of upgrade policy. But I think it might be a topic that merits further design and discussion with others like @olix0r and @grampelberg. Fundamentally, for this PR, I think we just wanna decide on when a user override the proxy version using the |
@ihcsim Thanks for the additional detail. To clarify my set up, I started with: kind: Deployment
spec:
template:
metadata:
annotations:
config.linkerd.io/linkerd-version: edge-19.3.3 ... and then after auto-injection I observed: kind: Pod
metadata:
annotations:
config.linkerd.io/linkerd-version: edge-19.3.3
linkerd.io/created-by: linkerd/proxy-injector git-0fe5ea67
linkerd.io/proxy-version: git-0fe5ea67 Is this expected? |
@siggy Yes, that's the expected behaviour for auto-inject; i.e. In short, the reason why the |
Signed-off-by: Ivan Sim <[email protected]>
This ensures consistent usages of the config.linkerd.io/linkerd-version and linkerd.io/proxy-version annotations. The former will only be used to track overridden version, while the latter shows the cluster's current default version. Signed-off-by: Ivan Sim <[email protected]>
0fe5ea6
to
3fd90b9
Compare
Integration test results for 3fd90b9: success 🎉 |
@ihcsim I've confirmed with the latest commits that manual and auto-injection both result in the same combination of annotations, specifically: Manual$ cat ~/emojivoto-enabled.yml | bin/linkerd inject - --linkerd-version edge-19.3.3
kind: Deployment
spec:
template:
metadata:
annotations:
config.linkerd.io/linkerd-version: edge-19.3.3
linkerd.io/created-by: linkerd/cli git-3fd90b90
linkerd.io/proxy-version: git-3fd90b90 Auto$ kubectl -n emojivoto-enabled get po/emoji-5f85b5d47-zdvkt -oyaml
kind: Pod
metadata:
annotations:
config.linkerd.io/linkerd-version: edge-19.3.3
linkerd.io/created-by: linkerd/proxy-injector git-3fd90b90
linkerd.io/proxy-version: git-3fd90b90 A more meta-question: What's the use case for having both |
Having both can feel a bit redundant. Our thought is that one is descriptive, while the other is an @olix0r Further thoughts?
That's how it works in this PR, as seen here. |
The This is important when re-injecting a workload: Should we update to a newer proxy version or not? We need these separate namespaces to be semantically different. |
Correct. And the other annotation always indicates the version that was actually used. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm!
Wanna make sure I understand what you meant by the version that was actually used. This is referring to whatever version provided during install/upgrade and is saved in the |
@ihcsim ah, i see the discrepancy: we have a few possible "linkerd versions". Up until now, (I think) The intent here being that we need to be able to reconstitute how a specific pod was injected.. |
Signed-off-by: Ivan Sim <[email protected]>
Per slack discussion, the version of the injector (CLI, webhook etc.) is currently encoded in the |
Integration test results for 6f49072: success 🎉 |
* Define proxy version override annotation * Don't override global linkerd version during inject This ensures consistent usages of the config.linkerd.io/linkerd-version and linkerd.io/proxy-version annotations. The former will only be used to track overridden version, while the latter shows the cluster's current default version. * Rename proxy version config override annotation Signed-off-by: Ivan Sim <[email protected]> Signed-off-by: [email protected] <[email protected]>
* Define proxy version override annotation * Don't override global linkerd version during inject This ensures consistent usages of the config.linkerd.io/linkerd-version and linkerd.io/proxy-version annotations. The former will only be used to track overridden version, while the latter shows the cluster's current default version. * Rename proxy version config override annotation Signed-off-by: Ivan Sim <[email protected]> Signed-off-by: [email protected] <[email protected]>
This PR adds a new
config.linkerd.io/linkerd-version
annotation to capture overridden proxy version, usinglinkerd inject --linkerd-version
.Assumption: The
config.linkerd.io/linkerd-version
andlinkerd.io/proxy-version
use the same overridden value.Fixes #2551 #2497
Signed-off-by: Ivan Sim [email protected]