chore/upgrade all k8s 1.29 #1156
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This changes the version of cluster autoscaler from tag `cluster-autoscaler-1.27.8 ` to branch `cluster-autoscaler-release-1.28`, commit `10a229ac17ea8049248d1c3ce2923b94a4f9085c`. Motivation: We get an occasional error in Azure: ``` E1106 12:08:11.509971 1 azure_manager.go:177] Failed to regenerate Azure cache: Retriable: false, RetryAfter: 0s, HTTPStatusCode: 401, RawError: azure.BearerAuthorizer#WithAuthorization: Failed to refresh the Token for request to https://management.azure.com/subscriptions/REDUCTED/resourceGroups/MC_dev-eastus2-aks2_dev-azure-eastus2-aks2_eastus2/providers/Microsoft.Compute/virtualMachineScaleSets?api-version=2022-03-01: StatusCode=401 -- Original Error: adal: Refresh request failed. Status Code = '401'. Response body: {"error":"invalid_client","error_description":"AADSTS700024: Client assertion is not within its valid time range. Current time: 2024-11-06T12:08:11.4851735Z, assertion valid from 2024-11-04T18:55:21.0000000Z, expiry time of assertion 2024-11-04T19:55:21.0000000Z. Review the documentation at https://learn.microsoft.com/entra/identity-platform/certificate-credentials . Trace ID: 1c8e947d-f154-4052-9e8a-8529877f7c00 Correlation ID: b04f2ef9-09f7-4f4e-80f8-15d313c5568f Timestamp: 2024-11-06 12:08:11Z","error_codes":[700024],"timestamp":"2024-11-06 12:08:11Z","trace_id":"1c8e947d-f154-4052-9e8a-8529877f7c00","correlation_id":"b04f2ef9-09f7-4f4e-80f8-15d313c5568f","error_uri":"https://login.microsoftonline.com/error?code=700024"} Endpoint https://login.microsoftonline.com/c8350122-1697-4543-929a-d4a75d1bb552/oauth2/token?api-version=1.0 ``` CA seems to have fixed that with recent versions by switching to the `cloud-provider-azure package`, which has a callback to reread the JWT token when needed. This is already present in the `cluster-autoscaler-release-1.28` branch, but it is not present in the `cluster-autoscaler-1.28.6` tag that I used previously in 26d39a6. Instead, in this branch, the code reads JWT from the filesystem only once and does not consider that AKS will occasionally replace it. neondatabase/cloud#18284
commit d470abf Author: Michael Francis <[email protected]> Date: Fri Nov 22 11:24:13 2024 -0500 added missing comment commit 4bbc78a Merge: 726f4f1 de028a6 Author: Michael Francis <[email protected]> Date: Wed Nov 20 11:17:12 2024 -0500 Merge branch 'main' into chore/upgrade-dev-clusters-1.29-take-two commit 726f4f1 Author: Michael Francis <[email protected]> Date: Tue Nov 19 17:07:48 2024 -0500 Upgrade to cluster-autoscaler 1.29 - take two
No changes to the coverage.
HTML Report |
edude03
force-pushed
the
chore/upgrade-all-k8s-1.29
branch
2 times, most recently
from
af8ec49
to
a430cbb
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
See #1151 and #1135