Ducklett: managing all the little nodes of a Conducktor cluster

Ducklett

Overview

Ducklett is a kubernetes controller that manages updating nodes in a Conducktor cluster.

diagram diagram

Origin

For immutable infrastructure, we need to treat nodes like appliances: we don't update them, we replace them. We needed a Kubernetes-aware process to see changes in the VMSS imageID value and roll out new nodes with that image, rolling out (deleting) the old nodes. All while gracefully migrating the workloads to other nodes.

This controller requires special OS images, produced by the Golduck pipeline. Specifically, they require the /etc/osrelease PRETTY_NAME field to reflect the imageID tag used for the node. This is then attached to the Kubernetes nodeInfo block for each node. The controller reads that to determine what OS imageID the node is running on.

Config Options

This controller requires managed identity to be set up for the nodes that the controller runs on.

A secret is defined in the deploy manifests that contains fields for the SubscriptionID and ResourceGroup, you must supply these values.

Currently you specify these items to the controller as arguments to the container:

  • check-period : How often the controller polls the nodes for updates
  • worker-concurrency : How many worker nodes to update at a single time
  • cp-concurrency: How many controlplane nodes to update at a single time

Example: ducklett --check-period=30 --concurrency=2 --v=3

The --v=3 is optional, and will bump log output verbosity

Manually updating image in Azure to trigger controller

There is a utility in this repo, update-azure-image-tags, that can be used to bump the tags related to the cp and worker nodes for the cluster. After the tags are bumped to a new version, the controller will begin upgrading the cluster.

Example, to be run inside the container for the controller in the cluster:

/update-azure-image-tags -imageid conducktor-flatcar-1.20.7-v0.3.0-cc9e4ddc

Similar Resources

A golang tool to list out all EKS clusters with active nodegroups in all regions in json format

eks-tool A quick and dirty tool to list out all EKS clusters with active nodegro

Dec 18, 2021

Kubei is a flexible Kubernetes runtime scanner, scanning images of worker and Kubernetes nodes providing accurate vulnerabilities assessment, for more information checkout:

Kubei is a flexible Kubernetes runtime scanner, scanning images of worker and Kubernetes nodes providing accurate vulnerabilities assessment, for more information checkout:

Kubei is a vulnerabilities scanning and CIS Docker benchmark tool that allows users to get an accurate and immediate risk assessment of their kubernet

Dec 30, 2022

A prometheus exporter for monitoring FIO nodeos nodes.

A prometheus exporter for monitoring FIO nodeos nodes.

fio-prometheus-exporter This is a simple prometheus exporter for FIO nodeos nodes. It can connect to multiple nodes to display a few critical statisti

Aug 19, 2022

Latest block exporter to monitor your own nodes !

Ethereum Block Prometheus Exporter Deeply copied from 31z4/ethereum-prometheus-exporter Thanks a lot for his work ! This service exports the latest bl

Nov 5, 2021

Set of Kubernetes solutions for reusing idle resources of nodes by running extra batch jobs

Caelus Caelus is a set of Kubernetes solutions for reusing idle resources of nodes by running extra batch jobs, these resources come from the underuti

Nov 22, 2022

A CoreDNS plugin to create records for Kubernetes nodes.

kubenodes Name kubenodes - creates records for Kubernetes nodes. Description kubenodes watches the Kubernetes API and synthesizes A, AAAA, and PTR rec

Jul 7, 2022

K8s-delete-protection - Kubernetes admission controller to avoid deleteing master nodes

k8s-delete-protection Admission Controller If you want to make your Kubernetes c

Nov 2, 2022

Little Reversing CrackMe written in GO

Go_CrackMe Little Reversing CrackMe written in GO Info: I created little reversing crackme challenge written in GO language for educational purpose. A

Jul 22, 2022

Stewards little helper

littlesteward Stewards little helper Functinality Take a script/program, and SCP it to 1+ nodes. Connect via SSH, execute the script, and get the resu

Nov 8, 2021
Manages nodes in hybrid k8s self-hosted cluster

node-manager Manages nodes in hybrid k8s self-hosted cluster Supported providers Contabo Hetzner Robot (dedicated) Supported commands Heal - reboots a

Dec 23, 2021
Rqlite-recover - k8 controller to create recover json for rqlite cluster nodes when needed.

Cluster Recover for RQLite running on a k8s cluster The goal is to be able to recover a rqlite cluster when the majority of nodes get re-schedule to d

Sep 8, 2022
A simple go tool, that calculates the allocated resources from all nodes matching the label selector.

kube-allocated-resources This is a simple go tool, that calculates the allocated resources from all nodes matching the label selector. Build Build on

Jan 12, 2022
kubetnl tunnels TCP connections from within a Kubernetes cluster to a cluster-external endpoint, e.g. to your local machine. (the perfect complement to kubectl port-forward)

kubetnl kubetnl (kube tunnel) is a command line utility to tunnel TCP connections from within a Kubernetes to a cluster-external endpoint, e.g. to you

Dec 16, 2022
A pod scaler golang app that can scale replicas either inside of cluster or out of the cluster

pod-scaler A simple pod scaler golang application that can scale replicas via manipulating the deployment Technologies The project has been created us

Oct 24, 2021
cluster-api-state-metrics (CASM) is a service that listens to the Kubernetes API server and generates metrics about the state of custom resource objects related of Kubernetes Cluster API.

Overview cluster-api-state-metrics (CASM) is a service that listens to the Kubernetes API server and generates metrics about the state of custom resou

Oct 27, 2022
Go-gke-pulumi - A simple example that deploys a GKE cluster and an application to the cluster using pulumi

This example deploys a Google Cloud Platform (GCP) Google Kubernetes Engine (GKE) cluster and an application to it

Jan 25, 2022
Influxdb-cluster - InfluxDB Cluster for replacing InfluxDB Enterprise

InfluxDB ATTENTION: Around January 11th, 2019, master on this repository will be

Dec 26, 2022
A Terraform module to manage cluster authentication (aws-auth) for an Elastic Kubernetes (EKS) cluster on AWS.

Archive Notice The terraform-aws-modules/eks/aws v.18.20.0 release has brought back support aws-auth configmap! For this reason, I highly encourage us

Dec 4, 2022
Sbom-operator - Catalogue all images of a Kubernetes cluster to multiple targets with Syft

sbom-operator Catalogue all images of a Kubernetes cluster to multiple targets w

Jan 4, 2023