Add "pharos reboot" command for rebooting hosts or the entire cluster

[kke]

Fixes #996

Adds pharos reboot for rebooting nodes.

If any of the hosts to reboot are masters, they will be rebooted first. The nodes will be drained before the reboot and uncordoned once they have finished rebooting.

[jakolehm]

I don't understand all the changes.. maybe you could comment changes via review?

[jakolehm]

Why do we need these?

[kke]

Pharos::SSH::Client is not yet loaded when the phases are loading.

[jakolehm]

How this is related?

[kke]

Otherwise the bastion.host points to a duplicate created via Configuration::Host.new instead to the actual host in config (which is completely fine if the bastion host even isn't in the config)

This means, that for example host.ssh.gateway.shutdown! when doing a host reboot/reconnect will shut down a gateway that is not the duplicated bastion host's gateway.

[kke]

ssh.gateway now returns a Net::SSH::Gateway instead of directly doing gateway.open.

[kke]

This was added because when rebooting a node that acts as a bastion, the gateway thread for the host with bastion will die from IOError and report the exception to the terminal.

It seems to manage to reconnect with all the connection/reconnection additions in this PR and the exception appears to be harmless.

[kke]

Changed the SSH::Client.exec etc that use require_session! attempt to make a connection instead of failing directly.

[kke]

Becuse ssh.gateway returned ssh.gateway.open, the Net::SSH::Gateway.new was duplicated here and was left in a "dangling" local variable that could not be accessed for shutdown!.

[kke]

After rebooting masters, it seemed logical to regather facts, but now I realize it may never reach this point if the master reboot failed to bring up kubelet again. So, this could be skipped I think.

[kke]

The alternative to this would be some kind of trickery with nohup (which I tried but failed) or always using +1. Now it often finishes in a couple of seconds instead of waiting a full minute every time.

[jakolehm]

Would it be easier to generate this in ruby code?

[kke]

require 'time'
current_time = Time.parse(ssh.exec!('date +%H:%M:%S`))
if current_time.sec > 55
  shutdown_time = "+1"
  sleepy_time = 60
else
  new_time = Time.parse((current_time + 60).strftime('%H:%M:00'))
  shutdown_time = new_time.strftime('%H:%M')
  sleepy_time = (new_time - current_time).to_i
end
ssh.exec!("shutdown -r #{shutdown_time}")
ssh.disconnect
sleep sleepy_time

[jakolehm]

Remind me again why we need to delay reboot?

[jakolehm]

How about:

ssh.exec!("shutdown -r now &")
sleep 1 until !ssh.connected?

[kke]

To disconnect ssh client gracefully.

[kke]

[36] pry(main)> ssh.exec('sudo shutdown -r now &')
IOError: closed stream

It still exits instantly and possibly crashes some bastion thread. Maybe the bastion hosts need to be rebooted separately.

The transport PR changed a lot stuff and #1090 (which I would like to have merged before finalizing this one) will add more, this PR was made before all that and is probably not up to date at all.

[jakolehm]

Fair enough, but I feel that adding timers is not the right way to do this (they always introduce races). Maybe we need to wait until #1090 is merged.

[kke]

Masters are booted sequentially instead of parallelly here.

[jakolehm]

Would it be easier to generate this in ruby code?

[jakolehm]

Why && ? Methods don't actually return boolean?

[jakolehm]

||= with attr_writer feels a bit broken?

[kke]

Well yes, if someone would override the host= method created by attr_writer, it would not be called.

The alternative that would use the writer method would be:

def host
  @host || self.host = Host.new
end

[kke]

Badly out of sync. Maybe wait for #1044 (this will need to refuse booting the localhost I suppose).

[kke]

Oh, #1044 is in and is why this conflicted so bad :)

[kke]

This requires #1090

[jakolehm]

Are we using this?

[jakolehm]

Are we using this?

[kke]

      def new?
        !checks['kubelet_configured']
      end

      # @return [Integer]
      def master_sort_score
        if checks['api_healthy']
          0
        elsif checks['kubelet_configured']
          1
        else
          2
        end
      end

[jakolehm]

Are we using this?

[kke]

lib/pharos/phases/validate_host.rb
40:        raise Pharos::InvalidHostError, "Cannot change worker host role to master" if @host.master? && [email protected]['ca_exists']
41:        raise Pharos::InvalidHostError, "Cannot change master host role to worker" if @host.worker? && @host.checks['ca_exists']

[jakolehm]

I meant are we using it in this PR? How is this relevant?

[jakolehm]

Are we using this?

[kke]

All this pastel stuff need to be updated too

[kke]

Hmm, it could be possible to schedule uncordoning by using something like:

echo "kubectl uncordon #{localhost.hostname}" | at now + 10 minutes

before issuing the reboot command on the localhost

[jakolehm]

It's not safe to reboot all workers in parallel. At minimum there needs to be an option for this.

[jakolehm]

Fair enough, but I feel that adding timers is not the right way to do this (they always introduce races). Maybe we need to wait until #1090 is merged.

[kke]

Cleaned up after the transport changes, I feel there might still be a bit too much logic.

[kke]

Hmm I wonder if this is still 2.4.0 -worthy. Seems quite simple nowadays. Maybe add a e2e after "worker up".