Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Spike: Dex OIDC Upgrade/Configuration Change in Existing Cluster (Brownfield) #193

Closed
lb4368 opened this issue Jul 13, 2021 · 8 comments
Closed

Spike: Dex OIDC Upgrade/Configuration Change in Existing Cluster (Brownfield) #193

lb4368 opened this issue Jul 13, 2021 · 8 comments
Assignees
@sshiba
Labels
Day2 Relates to day 2 operations (brownfield upgrades, etc.) enhancement New feature or request priority/critical Items critical to be implemented, usually by the next release size l 5-7+ days [multiple functional areas; complex function or capability, or multiple PSs]
Milestone
v2.1

Comments

@lb4368
Copy link

lb4368 commented Jul 13, 2021

Problem description
The Dex identity service running within an existing cluster may require upgrade or configuration change. We need to understand the implications of these updates on the running site.

Proposed change

  • Provide a plan for applying a Dex upgrade or configuration change
  • Identify impacts to cluster availability and performance during a Dex upgrade
  • Identify impacts to existing cluster during a Dex configuration change (e.g. password update for LDAP back-end)
@lb4368 lb4368 added enhancement New feature or request triage Day2 Relates to day 2 operations (brownfield upgrades, etc.) labels Jul 13, 2021
@lb4368 lb4368 added this to the v2.2 milestone Jul 13, 2021
@jezogwza jezogwza added priority/medium Default priority for items priority/critical Items critical to be implemented, usually by the next release and removed triage priority/medium Default priority for items labels Jul 14, 2021
@sshiba
Copy link
Contributor

sshiba commented Jul 14, 2021

Please, assign this to me. Thanks.

@eak13 eak13 added the size l 5-7+ days [multiple functional areas; complex function or capability, or multiple PSs] label Jul 26, 2021
@sshiba
Copy link
Contributor

sshiba commented Sep 13, 2021
edited
Loading

@lb4368, Is the expectation that Dex upgrade is done through airshipctl phase run command or directly using helm upgrade command?

@lb4368
Copy link
Author

lb4368 commented Sep 13, 2021

@sshiba This would be an upgrade via airshipctl phase run. I think we would like to update the Dex manifests re-apply a phase, that delivers. If that works, we would like to then understand the implications of the upgrade or configuration change on the running cluster.

@sshiba
Copy link
Contributor

sshiba commented Sep 15, 2021

[WIP] documenting finding in hackmd.io (https://hackmd.io/4K0ds3S1S0O8uV0eTaydwA)

@sshiba
Copy link
Contributor

sshiba commented Sep 17, 2021

@lb4368, the hackmd.io document (https://hackmd.io/4K0ds3S1S0O8uV0eTaydwA) has been updated with the tests and recommendation for upgrading dex-aio and it is ready for review.

@lb4368
Copy link
Author

lb4368 commented Sep 17, 2021

@sshiba I looked through this and it looks good. Can we do a quick review on a design call?

@sshiba
Copy link
Contributor

sshiba commented Sep 17, 2021

@lb4368 , yes, of course.

@lb4368
Copy link
Author

lb4368 commented Sep 29, 2021

Hackmd results reviewed during 9/29/21 design call. Closing this.

@lb4368 lb4368 closed this as completed Sep 29, 2021
@eak13 eak13 modified the milestones: v2.2, v2.1 Nov 3, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sshiba sshiba

Labels
Day2 Relates to day 2 operations (brownfield upgrades, etc.) enhancement New feature or request priority/critical Items critical to be implemented, usually by the next release size l 5-7+ days [multiple functional areas; complex function or capability, or multiple PSs]
Projects
None yet
Milestone
v2.1
Development

No branches or pull requests
4 participants
@lb4368 @sshiba @eak13 @jezogwza