Kops: Add option --update to kops create to make it idempotent

Created on 25 Apr 2017  路  41Comments  路  Source: kubernetes/kops

It would be nice for CI systems if typing
kops create...
would always give the same result.
But running is twice returns a message (...) already exists:

Repro steps

  • create cluster with create
kops create cluster \
  --name k8s.prod.eu-west-1.aws.redacted.net \
  --zones eu-west-1a,eu-west-1b,eu-west-1c \
  --state s3://k8s/kops \
  --dns-zone=redacted.net
  • Type the same command again
kops create cluster \
  --name k8s.prod.eu-west-1.aws.redacted.net \
  --zones eu-west-1a,eu-west-1b,eu-west-1c \
  --state s3://k8s/kops \
  --dns-zone=redacted.net

---> it fails with:
cluster "k8s.prod.eu-west-1.aws.redacted.net" already exists; use 'kops update cluster' to apply changes

Proposal

Add flag --update to kops create.

If the cluster already exists and this flag is present, update it instead of creating it.

Alternative

The way helm does this is adding a flag --install on the helm upgrade doc command instead of a flag --upgrade flag on the helm install command.
I think it makes it less easy to discover this feature, but I guess it also works.

picture kenden
👍11

Most helpful comment

To support idempotency, kops can provide the patch command like kubectl, e.g.:

kops patch cluster foo.example.com \
  -p '{"spec": {"kubernetesVersion": "1.8.2"}}'
picture canhnt on 9 Nov 2017
👍3

All 41 comments

Note:
kops replace might have to be used instead of kops update.

update and replace are a bit confusing at the moment: https://github.com/kubernetes/kops/issues/2148

kenden picture kenden on 25 Apr 2017

Workaround

# check if cluster exist, create if not, replace otherwise
if [[ ! $(kops get cluster --name "${CLUSTER_NAME}") ]]; then
  kops create -f cluster.yaml --name "${CLUSTER_NAME}" -v 10
else
  kops replace -f cluster.yaml --name "${CLUSTER_NAME}" -v 10
fi

All this code could be avoided with a flag --update.

kenden picture kenden on 26 Apr 2017
👍3

I would also like an idempotent create-or-replace ... whatever the name ends up being

DerekV picture DerekV on 25 May 2017

Right now, to achieve idempotency in your automation, you have basically two choices, both of them bad:

  1. Implement creation via kops create cluster and modification via yaml manipulation - double the effort
  2. Implement creation and modification via yaml manipulation, by populating static yaml templates with values - all well and good, until the config format changes (keys added/removed/renamed), causing anything between subtle, unexpected changes and complete breakage

Both options share the downside, that even if the format (keys and structure) remains the same, some values that kops would produce, will change over time (e.g. images in instance groups). So if you only use kops once, to create the cluster and then only modify the configs, you'll never update those values.

There are projects where easy automation is not a big deal and at most falls into the "nice to have category". Kubernetes is not one of them.

wknapik picture wknapik on 13 Oct 2017

To support idempotency, kops can provide the patch command like kubectl, e.g.:

kops patch cluster foo.example.com \
  -p '{"spec": {"kubernetesVersion": "1.8.2"}}'
canhnt picture canhnt on 9 Nov 2017
👍3

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

fejta-bot picture fejta-bot on 7 Feb 2018

/remove-lifecycle stale

wknapik picture wknapik on 5 Mar 2018

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

fejta-bot picture fejta-bot on 3 Jun 2018

/remove-lifecycle stale

ruippeixotog picture ruippeixotog on 3 Jun 2018

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

fejta-bot picture fejta-bot on 1 Sep 2018

/remove-lifecycle stale

canhnt picture canhnt on 2 Sep 2018

The intent of this issue (idempotent actions) can be achieved with kops replace. We use this in our CI system:

kops replace --force -f cluster.yml
kops update cluster ${CLUSTER_NAME}

no bash if statements needed.

Can we close this issue?

rifelpet picture rifelpet on 12 Dec 2018
👍2

@rifelpet
Does replace --force
also work if the cluster does not exist?
If it does now, it didn't used to a year ago.

kenden picture kenden on 12 Dec 2018

@kenden yes it was fixed in #4275 which was released in 1.9.0 back in April. We've been using it in our CI system ever since then without any issue.

rifelpet picture rifelpet on 12 Dec 2018

@rifelpet, thanks for checking. Great! Closing this ticket then.
Fixed in 1.9.0

kenden picture kenden on 12 Dec 2018

@rifelpet you may have skipped a few steps there ;]

What @canhnt suggested here https://github.com/kubernetes/kops/issues/2428#issuecomment-343117114 is exactly one line to change something.

What you're proposing requires the user to:

  • Save the cluster config to a file
  • Modify the file (not trivial in all languages, or at least requires additional tools/libraries)
  • Use kops replace (what side-effects does --force have ?)
  • Use kops update
  • Clean up the file

kops patch (or something similar) would only require kops and sh and would only take a single line to make a change, so regardless of what the answer to @kenden's question is, IMO this should not be closed.

wknapik picture wknapik on 12 Dec 2018

Also, the kops replace workflow is subject to race conditions.

wknapik picture wknapik on 12 Dec 2018

Reopening until we know if it solved!

kenden picture kenden on 12 Dec 2018

I am a bit confused from this issue. What is the proper way to implement kops in a CI/CD pipeline, currently?

walkafwalka picture walkafwalka on 3 Jan 2019
1

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

fejta-bot picture fejta-bot on 3 Apr 2019

/remove-lifecycle stale

wknapik picture wknapik on 3 Apr 2019

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

fejta-bot picture fejta-bot on 2 Jul 2019

/remove-lifecycle stale

wknapik picture wknapik on 4 Jul 2019

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

fejta-bot picture fejta-bot on 2 Oct 2019

/remove-lifecycle stale

wknapik picture wknapik on 2 Oct 2019

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

fejta-bot picture fejta-bot on 31 Dec 2019

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle rotten

fejta-bot picture fejta-bot on 30 Jan 2020

/remove-lifecycle rotten

canhnt picture canhnt on 30 Jan 2020

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

fejta-bot picture fejta-bot on 29 Apr 2020

/remove-lifecycle stale

wknapik picture wknapik on 29 Apr 2020

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

fejta-bot picture fejta-bot on 28 Jul 2020

/remove-lifecycle stale

wknapik picture wknapik on 28 Jul 2020

This issue seems to have moved a bit away from the original problem.
If I understand things correctly, it is now about being able to run kops in CI? If so, does the file state store solve this?

olemarkus picture olemarkus on 4 Aug 2020

The issue hasn't moved at all and certainly not to a different subject.
The problem remains as it was in April 2017.

wknapik picture wknapik on 4 Aug 2020

I don't think adding the flag will ever happen as we try to nudge people as much as we can towards using spec files andreplace. create doesn't, and isn't meant to, contain all the options that one normally wants for production clusters.

olemarkus picture olemarkus on 4 Aug 2020

Can you _create_ a cluster with replace ?

DerekV picture DerekV on 4 Aug 2020

Yes, kops replace has a --force flag that will create resources if they dont already exist.

      --force              Force any changes, which will also create any non-existing resource
rifelpet picture rifelpet on 4 Aug 2020
👍1

That's all I personally was looking for way bake when, just a single idempotent create-or-update command, I couldn't care less if it was create or replace or something else.

DerekV picture DerekV on 4 Aug 2020

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

fejta-bot picture fejta-bot on 2 Nov 2020

Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle rotten

fejta-bot picture fejta-bot on 2 Dec 2020

/remove-lifecycle rotten

wknapik picture wknapik on 2 Dec 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

joshbranham picture joshbranham  路  3Comments
endejoli picture endejoli  路  4Comments
pluttrell picture pluttrell  路  4Comments
argusua picture argusua  路  5Comments
olalonde picture olalonde  路  4Comments