edge.24-07-08
Simplifies AWS EKS configuration with bootstrap mode, adds Fledged for node image caching, introduces PVC annotator for StatefulSet PVC management, and fixes various credential handling and utility command issues.
Redeploy StatefulSets for PVC Annotator Integration
Incorporating kube_pvc_annotator into Panfactum modules requires redeploying StatefulSets. Follow these steps carefully to avoid downtime or data loss.
Create a Velero backup of the cluster by running
velero create backup -w <backup_name>to recover in case of mistakes.The following StatefulSets need to be deleted in this order, with
kubectl delete --cascade=orphan, and immediately restored with a subsequentterragrunt applyto their defining module:The Vault StatefulSet created by
kube_vaultThe Redis cluster StatefulSet for Authentik created by
kube_authentikThe BuildKit StatefulSets created by
kube_buildkitAny StatefulSets you have provisioned with
kube_stateful_setAny Redis cluster StatefulSets you have provisioned with
kube_redis_sentinel
As long as you use
--cascade=orphanand minimize the time betweenkubectl deleteandterragrunt apply, there will not be any downtime during this operation.After completing step 2, delete the backing PVCs from each module one at a time by deleting the PVC and then deleting its bound pod. The controller will automatically provision a new PVC with the correct labels and annotations.
After deleting each pod, ensure a new pod is provisioned and becomes healthy before proceeding to the next. Proceeding one at a time will not cause downtime or data loss.
Delete the Velero backup created in step 1 by running
velero delete backup <backup_name>.