Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: added gitaly cgroups init image to package #246

Merged
merged 19 commits into from
Dec 6, 2024
Merged

fix: added gitaly cgroups init image to package #246

merged 19 commits into from
Dec 6, 2024

Conversation

JoeHCQ1
Copy link
Contributor

@JoeHCQ1 JoeHCQ1 commented Nov 22, 2024

Description

Downstream we use this image to modify cgroups on gitaly nodes to improve resiliency. This isn't in the package right now, so we're having to add it to a local package so it is available. By putting it here in the original package we ensure the version always matches the rest of the install, and save others who do similar work time later.

Type of change

  • Bug fix (non-breaking change which fixes an issue)

Checklist before merging

@JoeHCQ1 JoeHCQ1 requested a review from a team as a code owner November 22, 2024 19:57
zachariahmiller
zachariahmiller requested changes Nov 22, 2024
View reviewed changes
values/upstream-values.yaml Outdated Show resolved Hide resolved
zachariahmiller
zachariahmiller reviewed Nov 22, 2024
View reviewed changes
Copy link
Contributor

@zachariahmiller zachariahmiller left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Per the discussion on getting this working you had posted about in slack, shouldnt securityContext need to be overridden in the common values for this even if its not being enabled so it works with uds with minimum configuration?

@JoeHCQ1
Copy link
Contributor Author

JoeHCQ1 commented Nov 22, 2024

Per the discussion on getting this working you had posted about in slack, shouldnt securityContext need to be overridden in the common values for this even if its not being enabled so it works with uds with minimum configuration?

Depends on the level of support we want to provide in this package for the custom init. Having the image available allows me to override things downstream at the bundle level until it works. We could backport the configuration settings too, but as it's broken again in my cluster for some reason, I'll have to wait on that changeset.

@JoeHCQ1
Copy link
Contributor Author

JoeHCQ1 commented Nov 22, 2024

Note: future work - given the link you shared: https://gitlab.com/gitlab-org/build/CNG/-/blob/master/gitaly-init-cgroups/Dockerfile?ref_type=heads we should be able to create our own unicorn and ironbank versions of that image fairly easily. I doubt it's worth the work yet, but if ever needed, it wouldn't be hard.

@JoeHCQ1
Copy link
Contributor Author

JoeHCQ1 commented Dec 2, 2024

From before Thanksgiving break, note from reviewer in slack:

left a couple comments. Also based on what that container actually has on it it seems like we might not actually need this dedicated upstream only container, since the source script should be in the gitaly container already.

@robmcelvenny robmcelvenny self-assigned this Dec 3, 2024
@robmcelvenny robmcelvenny self-requested a review December 3, 2024 21:48
@zachariahmiller zachariahmiller self-requested a review December 3, 2024 22:33
@JoeHCQ1
Copy link
Contributor Author

JoeHCQ1 commented Dec 5, 2024
edited
Loading

From before Thanksgiving break, note from reviewer in slack:

left a couple comments. Also based on what that container actually has on it it seems like we might not actually need this dedicated upstream only container, since the source script should be in the gitaly container already.

The script is there, but if swapped in for the gitaly init container, it errors out. They're relying on the dockerfile CMD rather than setting a command themselves in the k8s manifests. Therefore, the normal gitaly container just starts up gitaly.

@JoeHCQ1
Copy link
Contributor Author

JoeHCQ1 commented Dec 5, 2024
edited
Loading

Per the discussion on getting this working you had posted about in slack, shouldnt securityContext need to be overridden in the common values for this even if its not being enabled so it works with uds with minimum configuration?

Depends on the level of support we want to provide in this package for the custom init. Having the image available allows me to override things downstream at the bundle level until it works. We could backport the configuration settings too, but as it's broken again in my cluster for some reason, I'll have to wait on that changeset.

The securityContext is now set in the common-values.yaml as suggested.

robmcelvenny
robmcelvenny previously approved these changes Dec 5, 2024
View reviewed changes
Copy link

@robmcelvenny robmcelvenny left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm!

@zachariahmiller
Copy link
Contributor

zachariahmiller commented Dec 5, 2024
edited
Loading

@JoeHCQ1 The required exception is missing from this. It needs to be in the config chart, templated based on a value, which defaults to false, with a note in the configuration.md on enabling/disabling.

@JoeHCQ1
Copy link
Contributor Author

JoeHCQ1 commented Dec 5, 2024

ah yes, that exception is probably in my nutanix bundle but it'd be needed here. Good catch.

@JoeHCQ1 JoeHCQ1 mentioned this pull request Dec 5, 2024
Open
@robmcelvenny robmcelvenny self-requested a review December 6, 2024 18:38
robmcelvenny
robmcelvenny approved these changes Dec 6, 2024
View reviewed changes
Copy link

@robmcelvenny robmcelvenny left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@zachariahmiller zachariahmiller merged commit 31613df into main Dec 6, 2024
17 checks passed
@github-actions github-actions bot mentioned this pull request Dec 6, 2024
Merged
@JoeHCQ1 JoeHCQ1 mentioned this pull request Dec 6, 2024
Closed
5 tasks
Racer159 pushed a commit that referenced this pull request Dec 9, 2024
@github-actions
chore(main): release 17.6.1-uds.1 (#251)
bb87c7b 
🤖 I have created a release *beep* *boop*
---


##
[17.6.1-uds.1](v17.6.1-uds.0...v17.6.1-uds.1)
(2024-12-06)


### Bug Fixes

* added gitaly cgroups init image to package
([#246](#246))
([31613df](31613df))


### Miscellaneous

* **deps:** update gitlab package dependencies
([#250](#250))
([f23020c](f23020c))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zachariahmiller zachariahmiller zachariahmiller approved these changes

@robmcelvenny robmcelvenny robmcelvenny approved these changes

Assignees

@robmcelvenny robmcelvenny

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@JoeHCQ1 @zachariahmiller @robmcelvenny @Racer159