Potential for tracking tools/toolsbeta Cloud VPS resources via opentofu
Notes
k8s upgrade workgroup progress
DC: Completed K8s upgrade to k8s 1.26 and 1.27. All components have been upgraded to the latest compatible version. The next upgrade (1.28) should be easier as we don’t need to upgrade any components. This will be the first time we run a supported version of K8s since https://wikitech.wikimedia.org/wiki/News/2020_Kubernetes_cluster_migration!
KR/hypothesis progress
DC: Created the new hypothesis for the orchestration API. They are requesting hypotheses to be quarterly. This means that we have to complete a “partial” version of the API so that it can fit in one quarter.
DC: Sarai (Designer) will start doing user interviews to gather more ideas on pain points, opportunities, etc. and see which features to prioritize when doing the UI. This is in preparation for next FY when we plan to implement a prototype of the UI. In this FY we expect to complete the design only (Figma or similar).
Potential for tracking tools/toolsbeta Cloud VPS resources via opentofu
ABG: we are working on tracking CloudVPS resources using OpenTofu. This opens the door to track also tools/toolsbeta resources using OpenTofu. This should be a dedicated repo, not in the same “tofu-infra” repo but in something like “tofu-toolforge”. We could use it to track flavors, floating IPs, bastions. This could all be tracked in a git repo instead of using Horizon or the OpenStack database. It could be a very nice project. Some patterns used in the tofu-infra repo could be reused. There are many open questions.
BD: Ideally the container would come from elsewhere, but you can look at what I put in the blubber config file.
ABG: You’re pulling the provider from the opentofu registry, maybe we can do the same in the tofu-infra repo, instead of including the provider code in the git repo
DC: Can you use Tofu to manage K8s workers in Toolforge? How do you handle upgrades?
BD: You can do something like “for loops” where each worker gets a different name. Rook is doing something similar for managing blue/green deploys of Magnum clusters.
DC: We can use toolsbeta for testing.
DC: I saw some people using Tofu for the bootstrap, then run Ansible to configure the instances
BD: That’s what Rook is doing with PAWS. Taavi tried applying Puppet rules to the instances in metricsinfra, but that does not work with Magnum because the images are not puppetized.
DC: The k8s instances are not using puppet, we install k8s with kubeadm.
BD: There are providers you can drop in Tofu, even for Ansible. Or you can have Tofu ssh into the instance and apply an ssh command.
FN: Maybe there is some provider for handling kubernetes and kubeadm, but I’m not sure.
