kubernetes-deploy 0.20.4 → 0.20.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f0b4318bc1b5546351e5aaaa8a2e5a40675349c6
-  data.tar.gz: 3f4df1e8c2010d668118fae08a15de4ab21b67b3
+  metadata.gz: b01e4098e730e6ee300284d185adb140cf3cdc80
+  data.tar.gz: 6416b255318a78d3a1b6383263bbecd7b3603a4b
 SHA512:
-  metadata.gz: db3e58f8c6ae85a41a436f24068a03d7312df2080a62ab05abb818f5723b07e7875be5d3a7af95f56edf67d5f4be5cff5536a2506465152f205f49c32b5686e5
-  data.tar.gz: 3093b949fa36286f03548c3e91ebbc0378d27dafd922b7677dd7b902b9288fee2e8e2120306b3eaccd70f74337ddf2713842457445410b4fd77ee6030191aa97
+  metadata.gz: aeeb95108945428fe39de942b7285843cd8a3960344089386bfbf1cfc1a551a50c1531d3e7d2082187f67640e6978ad1ab00f8ed7176b14d92bb56410ba78380
+  data.tar.gz: d0c1753242a3131586627252707ef9674ff94d2ac0e8e9f39f6a147dbc05449b5414ce6f26c1e8ede9bb4bd58d5919bf94ed6629f97ff2abc9db5c74e4b70e82

data/.buildkite/pipeline.nightly.yml

@@ -1,11 +1,11 @@
-# Disableed until minikube can run 1.10
-#  - name: 'Run Test Suite (:kubernetes: 1.10-latest)'
-#    command: bin/ci
-#    agents:
-#      queue: minikube-ci
-#    env:
-#      LOGGING_LEVEL: 4
-#      KUBERNETES_VERSION: v1.10-latest
+steps:
+  - name: 'Run Test Suite (:kubernetes: 1.10-latest)'
+    command: bin/ci
+    agents:
+      queue: minikube-ci
+    env:
+      LOGGING_LEVEL: 4
+      KUBERNETES_VERSION: v1.10-latest
   - name: 'Run Test Suite (:kubernetes: 1.9-latest)'
     command: bin/ci
     agents:

data/.buildkite/pipeline.yml

@@ -1,3 +1,11 @@
+steps:
+  - name: 'Run Test Suite (:kubernetes: 1.10-latest)'
+    command: bin/ci
+    agents:
+      queue: minikube-ci
+    env:
+      LOGGING_LEVEL: 4
+      KUBERNETES_VERSION: v1.10-latest
   - name: 'Run Test Suite (:kubernetes: 1.9-latest)'
     command: bin/ci
     agents:

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 ### Master
 
+*Enhancements*
+- Add Job resource class ([#295](https://github.com/Shopify/kubernetes-deploy/pull/296))
+- Add CustomResourceDefinition resource class ([#306](https://github.com/Shopify/kubernetes-deploy/pull/306))
+- Officially support Kubernetes 1.10 ([#308](https://github.com/Shopify/kubernetes-deploy/pull/308))
+- SyncMediator will only batch fetch resources when there is a sufficiently large enough set of resources
+being tracked ([#316](https://github.com/Shopify/kubernetes-deploy/pull/316))
+- Allow CRs to be pruned based on `kubernetes-deploy.shopify.io/prunable` annotation on the custom resource definitions ([312](https://github.com/Shopify/kubernetes-deploy/pull/312))
+- Add HorizontalPodAutoscaler resource class ([#305](https://github.com/Shopify/kubernetes-deploy/pull/305))
+
 ### 0.20.4
+*Enhancements*
 - Don't consider pod preempting a failure ([#317](https://github.com/shopify/kubernetes-deploy/pull/317))
 
 ### 0.20.3
@@ -8,7 +18,6 @@
 - Evictions are recoverable so prevent them from triggering fast failure detection ([#293](https://github.com/Shopify/kubernetes-deploy/pull/293)).
 - Use YAML.safe_load over YAML.load_file ([#295](https://github.com/Shopify/kubernetes-deploy/pull/295)).
 
-
 *Bug Fixes*
 - Default rollout strategy is compatible required-rollout annotation ([#289](https://github.com/Shopify/kubernetes-deploy/pull/289)).
 
@@ -16,7 +25,6 @@
 *Enhancements*
 - Emit data dog events when deploys succeed, time out or fail ([#292](https://github.com/Shopify/kubernetes-deploy/pull/292)).
 ### 0.20.1
-*Features*
 
 *Bug Fixes*
 - Display a nice error instead of crashing when a YAML document is missing 'Kind'

data/README.md

@@ -241,6 +241,10 @@ before the deployment is considered successful.
   that use the `RollingUpdate` strategy.
   - Percent (e.g. 90%): The deploy is successful when the number of new pods that are ready is equal to
   `spec.replicas` * Percent.
+- `kubernetes-deploy.shopify.io/prunable`: Allows a Custom Resource to be pruned during deployment.
+  - _Compatibility_: Custom Resource Definition
+  - `true`: The custom resource will be pruned if the resource is not in the deploy directory.
+  - All other values: The custom resource will not be pruned.
 
 ### Running tasks at the beginning of a deploy
 

data/dev.yml

@@ -8,7 +8,7 @@ up:
   - custom:
       name: Minikube Cluster
       met?: test $(minikube status | grep Running | wc -l) -eq 2 && $(minikube status | grep -q 'Correctly Configured')
-      meet: minikube start --kubernetes-version=v1.9.4 --vm-driver=hyperkit
+      meet: minikube start --kubernetes-version=v1.10.0 --vm-driver=hyperkit
       down: minikube stop
 commands:
   reset-minikube: minikube delete && rm -rf ~/.minikube

data/kubernetes-deploy.gemspec

@@ -25,7 +25,7 @@ Gem::Specification.new do |spec|
   spec.required_ruby_version = '>= 2.3.0'
   spec.add_dependency "activesupport", ">= 5.0"
   spec.add_dependency "kubeclient", "~> 3.0"
-  spec.add_dependency "googleauth", ">= 0.5"
+  spec.add_dependency "googleauth", "= 0.6.2" # https://github.com/google/google-auth-library-ruby/issues/153
   spec.add_dependency "ejson", "1.0.1"
   spec.add_dependency "colorize", "~> 0.8"
   spec.add_dependency "statsd-instrument", "~> 2.2"

data/lib/kubernetes-deploy/deploy_task.rb

@@ -27,6 +27,9 @@ require 'kubernetes-deploy/kubernetes_resource'
   bucket
   stateful_set
   cron_job
+  job
+  custom_resource_definition
+  horizontal_pod_autoscaler
 ).each do |subresource|
   require "kubernetes-deploy/kubernetes_resource/#{subresource}"
 end
@@ -35,6 +38,7 @@ require 'kubernetes-deploy/kubectl'
 require 'kubernetes-deploy/kubeclient_builder'
 require 'kubernetes-deploy/ejson_secret_provisioner'
 require 'kubernetes-deploy/renderer'
+require 'kubernetes-deploy/resource_discovery'
 
 module KubernetesDeploy
   class DeployTask
@@ -50,6 +54,7 @@ module KubernetesDeploy
       ServiceAccount
       Pod
     )
+
     PROTECTED_NAMESPACES = %w(
       default
       kube-system
@@ -63,6 +68,7 @@ module KubernetesDeploy
     # core/v1/ReplicationController -- superseded by deployments/replicasets
     # extensions/v1beta1/ReplicaSet -- managed by deployments
     # core/v1/Secret -- should not committed / managed by shipit
+
     def prune_whitelist
       wl = %w(
         core/v1/ConfigMap
@@ -80,7 +86,7 @@ module KubernetesDeploy
       if server_version >= Gem::Version.new('1.8.0')
         wl << "batch/v1beta1/CronJob"
       end
-      wl
+      wl + cluster_resource_discoverer.crds(@sync_mediator).select(&:prunable?).map(&:group_version_kind)
     end
 
     def server_version
@@ -198,6 +204,10 @@ module KubernetesDeploy
 
     private
 
+    def cluster_resource_discoverer
+      ResourceDiscovery.new(namespace: @namespace, context: @context, logger: @logger, namespace_tags: @namespace_tags)
+    end
+
     def deploy_has_priority_resources?(resources)
       resources.any? { |r| PREDEPLOY_SEQUENCE.include?(r.type) }
     end
@@ -247,6 +257,10 @@ module KubernetesDeploy
           @logger.info "  - #{r.id}"
         end
       end
+      if (global = resources.select(&:global?).presence)
+        @logger.warn("Detected non-namespaced #{'resource'.pluralize(global.count)} which will never be pruned:")
+        global.each { |r| @logger.warn("  - #{r.id}") }
+      end
       resources
     end
 

data/lib/kubernetes-deploy/kubeclient_builder.rb

@@ -36,6 +36,14 @@ module KubernetesDeploy
       )
     end
 
+    def build_batch_v1_kubeclient(context)
+      _build_kubeclient(
+        api_version: "v1",
+        context: context,
+        endpoint_path: "/apis/batch/"
+      )
+    end
+
     def build_policy_v1beta1_kubeclient(context)
       _build_kubeclient(
         api_version: "v1beta1",
@@ -52,6 +60,22 @@ module KubernetesDeploy
       )
     end
 
+    def build_apiextensions_v1beta1_kubeclient(context)
+      _build_kubeclient(
+        api_version: "v1beta1",
+        context: context,
+        endpoint_path: "/apis/apiextensions.k8s.io"
+      )
+    end
+
+    def build_autoscaling_v1_kubeclient(context)
+      _build_kubeclient(
+        api_version: "v2beta1",
+        context: context,
+        endpoint_path: "/apis/autoscaling"
+      )
+    end
+
     def _build_kubeclient(api_version:, context:, endpoint_path: nil)
       # Find a context defined in kube conf files that matches the input context by name
       friendly_configs = config_files.map { |f| GoogleFriendlyConfig.read(f) }

data/lib/kubernetes-deploy/kubernetes_resource/custom_resource_definition.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+module KubernetesDeploy
+  class CustomResourceDefinition < KubernetesResource
+    TIMEOUT = 2.minutes
+    GLOBAL = true
+
+    def deploy_succeeded?
+      names_accepted_status == "True"
+    end
+
+    def deploy_failed?
+      names_accepted_status == "False"
+    end
+
+    def timeout_message
+      "The names this CRD is attempting to register were neither accepted nor rejected in time"
+    end
+
+    def status
+      if !exists?
+        super
+      elsif deploy_succeeded?
+        "Names accepted"
+      else
+        "#{names_accepted_condition['reason']} (#{names_accepted_condition['message']})"
+      end
+    end
+
+    def group_version_kind
+      group = @definition.dig("spec", "group")
+      version = @definition.dig("spec", "version")
+      "#{group}/#{version}/#{kind}"
+    end
+
+    def kind
+      @definition.dig("spec", "names", "kind")
+    end
+
+    def prunable?
+      prunable = @definition.dig("metadata", "annotations", "kubernetes-deploy.shopify.io/prunable")
+      prunable == "true"
+    end
+
+    private
+
+    def names_accepted_condition
+      conditions = @instance_data.dig("status", "conditions") || []
+      conditions.detect { |c| c["type"] == "NamesAccepted" } || {}
+    end
+
+    def names_accepted_status
+      names_accepted_condition["status"]
+    end
+  end
+end

data/lib/kubernetes-deploy/kubernetes_resource/horizontal_pod_autoscaler.rb

@@ -0,0 +1,57 @@
+# frozen_string_literal: true
+module KubernetesDeploy
+  class HorizontalPodAutoscaler < KubernetesResource
+    TIMEOUT = 3.minutes
+    RECOVERABLE_CONDITIONS = %w(ScalingDisabled FailedGet)
+
+    def deploy_succeeded?
+      scaling_active_condition["status"] == "True"
+    end
+
+    def deploy_failed?
+      return false unless exists?
+      recoverable = RECOVERABLE_CONDITIONS.any? { |c| scaling_active_condition.fetch("reason", "").start_with?(c) }
+      scaling_active_condition["status"] == "False" && !recoverable
+    end
+
+    def kubectl_resource_type
+      'hpa.v2beta1.autoscaling'
+    end
+
+    def status
+      if !exists?
+        super
+      elsif deploy_succeeded?
+        "Configured"
+      elsif scaling_active_condition.present? || able_to_scale_condition.present?
+        condition = scaling_active_condition.presence || able_to_scale_condition
+        condition['reason']
+      else
+        "Unknown"
+      end
+    end
+
+    def failure_message
+      condition = scaling_active_condition.presence || able_to_scale_condition.presence || {}
+      condition['message']
+    end
+
+    def timeout_message
+      failure_message.presence || super
+    end
+
+    private
+
+    def conditions
+      @instance_data.dig("status", "conditions") || []
+    end
+
+    def able_to_scale_condition
+      conditions.detect { |c| c["type"] == "AbleToScale" } || {}
+    end
+
+    def scaling_active_condition
+      conditions.detect { |c| c["type"] == "ScalingActive" } || {}
+    end
+  end
+end

data/lib/kubernetes-deploy/kubernetes_resource/job.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+module KubernetesDeploy
+  class Job < KubernetesResource
+    TIMEOUT = 10.minutes
+
+    def deploy_succeeded?
+      # Don't block deploys for long running jobs,
+      # Instead report success when there is at least 1 active
+      return false unless deploy_started?
+      done? || running?
+    end
+
+    def deploy_failed?
+      return false unless deploy_started?
+      return false unless @instance_data.dig("spec", "backoffLimit").present?
+      (@instance_data.dig("status", "failed") || 0) >= @instance_data.dig("spec", "backoffLimit")
+    end
+
+    def status
+      if !exists?
+        super
+      elsif done?
+        "Succeeded"
+      elsif running?
+        "Started"
+      elsif deploy_failed?
+        "Failed"
+      else
+        "Unknown"
+      end
+    end
+
+    private
+
+    def done?
+      (@instance_data.dig("status", "succeeded") || 0) == @instance_data.dig("spec", "completions")
+    end
+
+    def running?
+      now = Time.now.utc
+      start_time = @instance_data.dig("status", "startTime")
+      # Wait 5 seconds to ensure job doesn't immediately fail.
+      return false if !start_time.present? || now - Time.parse(start_time) < 5.second
+      (@instance_data.dig("status", "active") || 0) >= 1
+    end
+  end
+end

data/lib/kubernetes-deploy/kubernetes_resource.rb

@@ -8,6 +8,7 @@ module KubernetesDeploy
     attr_reader :name, :namespace, :context
     attr_writer :type, :deploy_started_at
 
+    GLOBAL = false
     TIMEOUT = 5.minutes
     LOG_LINE_COUNT = 250
 
@@ -114,7 +115,7 @@ module KubernetesDeploy
     end
 
     def sync(mediator)
-      @instance_data = mediator.get_instance(type, name)
+      @instance_data = mediator.get_instance(kubectl_resource_type, name)
     end
 
     def deploy_failed?
@@ -146,6 +147,10 @@ module KubernetesDeploy
       @type || self.class.kind
     end
 
+    def kubectl_resource_type
+      type
+    end
+
     def deploy_timed_out?
       return false unless deploy_started?
       !deploy_succeeded? && !deploy_failed? && (Time.now.utc - @deploy_started_at > timeout)
@@ -315,6 +320,10 @@ module KubernetesDeploy
       end
     end
 
+    def global?
+      self.class::GLOBAL
+    end
+
     private
 
     def validate_timeout_annotation

data/lib/kubernetes-deploy/resource_discovery.rb

@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+module KubernetesDeploy
+  class ResourceDiscovery
+    def initialize(namespace:, context:, logger:, namespace_tags:)
+      @namespace = namespace
+      @context = context
+      @logger = logger
+      @namespace_tags = namespace_tags
+    end
+
+    def crds(sync_mediator)
+      sync_mediator.get_all(CustomResourceDefinition.kind).map do |r_def|
+        CustomResourceDefinition.new(namespace: @namespace, context: @context, logger: @logger,
+          definition: r_def, statsd_tags: @namespace_tags)
+      end
+    end
+  end
+end

data/lib/kubernetes-deploy/statsd.rb

@@ -15,7 +15,7 @@ module KubernetesDeploy
       if ENV['STATSD_DEV'].present?
         ::StatsD.backend = ::StatsD::Instrument::Backends::LoggerBackend.new(Logger.new($stderr))
       elsif ENV['STATSD_ADDR'].present?
-        statsd_impl = ENV['STATSD_IMPLEMENTATION'].empty? ? "datadog" : ENV['STATSD_IMPLEMENTATION']
+        statsd_impl = ENV['STATSD_IMPLEMENTATION'].present? ? ENV['STATSD_IMPLEMENTATION'] : "datadog"
         ::StatsD.backend = ::StatsD::Instrument::Backends::UDPBackend.new(ENV['STATSD_ADDR'], statsd_impl)
       else
         ::StatsD.backend = ::StatsD::Instrument::Backends::NullBackend.new

data/lib/kubernetes-deploy/sync_mediator.rb

@@ -1,6 +1,8 @@
 # frozen_string_literal: true
 module KubernetesDeploy
   class SyncMediator
+    LARGE_BATCH_THRESHOLD = Concurrency::MAX_THREADS * 3
+
     def initialize(namespace:, context:, logger:)
       @namespace = namespace
       @context = context
@@ -29,11 +31,14 @@ module KubernetesDeploy
 
     def sync(resources)
       clear_cache
-      dependencies = resources.map(&:class).uniq.flat_map do |c|
-        c::SYNC_DEPENDENCIES if c.const_defined?('SYNC_DEPENDENCIES')
+
+      if resources.count > LARGE_BATCH_THRESHOLD
+        dependencies = resources.map(&:class).uniq.flat_map do |c|
+          c::SYNC_DEPENDENCIES if c.const_defined?('SYNC_DEPENDENCIES')
+        end
+        kinds = (resources.map(&:kubectl_resource_type) + dependencies).compact.uniq
+        kinds.each { |kind| fetch_by_kind(kind) }
       end
-      kinds = (resources.map(&:type) + dependencies).compact.uniq
-      kinds.each { |kind| fetch_by_kind(kind) }
 
       KubernetesDeploy::Concurrency.split_across_threads(resources) do |r|
         r.sync(dup)

data/lib/kubernetes-deploy/version.rb

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module KubernetesDeploy
-  VERSION = "0.20.4"
+  VERSION = "0.20.5"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: kubernetes-deploy
 version: !ruby/object:Gem::Version
-  version: 0.20.4
+  version: 0.20.5
 platform: ruby
 authors:
 - Katrina Verey
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2018-07-18 00:00:00.000000000 Z
+date: 2018-08-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
@@ -43,16 +43,16 @@ dependencies:
   name: googleauth
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: 0.6.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ">="
+    - - '='
       - !ruby/object:Gem::Version
-        version: '0.5'
+        version: 0.6.2
 - !ruby/object:Gem::Dependency
   name: ejson
   requirement: !ruby/object:Gem::Requirement
@@ -227,10 +227,13 @@ files:
 - lib/kubernetes-deploy/kubernetes_resource/cloudsql.rb
 - lib/kubernetes-deploy/kubernetes_resource/config_map.rb
 - lib/kubernetes-deploy/kubernetes_resource/cron_job.rb
+- lib/kubernetes-deploy/kubernetes_resource/custom_resource_definition.rb
 - lib/kubernetes-deploy/kubernetes_resource/daemon_set.rb
 - lib/kubernetes-deploy/kubernetes_resource/deployment.rb
 - lib/kubernetes-deploy/kubernetes_resource/elasticsearch.rb
+- lib/kubernetes-deploy/kubernetes_resource/horizontal_pod_autoscaler.rb
 - lib/kubernetes-deploy/kubernetes_resource/ingress.rb
+- lib/kubernetes-deploy/kubernetes_resource/job.rb
 - lib/kubernetes-deploy/kubernetes_resource/memcached.rb
 - lib/kubernetes-deploy/kubernetes_resource/persistent_volume_claim.rb
 - lib/kubernetes-deploy/kubernetes_resource/pod.rb
@@ -246,6 +249,7 @@ files:
 - lib/kubernetes-deploy/kubernetes_resource/statefulservice.rb
 - lib/kubernetes-deploy/kubernetes_resource/topic.rb
 - lib/kubernetes-deploy/renderer.rb
+- lib/kubernetes-deploy/resource_discovery.rb
 - lib/kubernetes-deploy/resource_watcher.rb
 - lib/kubernetes-deploy/restart_task.rb
 - lib/kubernetes-deploy/runner_task.rb