Skip to content

Introduce Seed annotation to temporarily disable Shoot reconciliations #12712

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 6 commits into from
Aug 14, 2025
Merged

Introduce Seed annotation to temporarily disable Shoot reconciliations #12712

merged 6 commits into from
Aug 14, 2025

Conversation

LucaBernstein
Copy link
Member

@LucaBernstein LucaBernstein commented Aug 12, 2025
edited
Loading

How to categorize this PR?

/area ops-productivity robustness
/kind enhancement

What this PR does / why we need it:
There may be situations where you need to temporarily stop the reconciliation of Shoot clusters in a Seed cluster.
This can be achieved by adding the annotation gardener.cloud/disable-shoot-reconciliations=true to the Seed resource.

While this annotation is present:

  • The Seed controller will not reconcile any Shoot clusters in the affected Seed.
  • New Shoot clusters will not be scheduled to this Seed.
  • The Seed will expose the SeedDisabledShootReconciliations condition.
  • This is useful, for example, to prevent faulty updates from propagating further.

Which issue(s) this PR fixes:
Fixes #12528

Special notes for your reviewer:
/cc @rfranzke @ScheererJ

Release note:

Add annotation `shoot.gardener.cloud/emergency-stop-reconciliations=true` to `Seed` resources to temporarily disable `Shoot` reconciliations.

@LucaBernstein
Add Seed annotation to temporarily disable Shoot reconciliations
5b42181 
- gardenlet Shoot controller's ShouldReconcileNow is added a reason to log
- shoot.status.lastOperation is filled with Pending state so that further annotations to the Shoot after the annotation has been removed lead to a generation increase and thus a reconciliation. See: https://github.com/gardener/gardener/blob/874791cb97e96d622c994c6cc8ef4091fc9e9102/pkg/apiserver/registry/core/shoot/strategy.go#L101

Signed-off-by: Luca Bernstein <luca.bernstein@sap.com>
@LucaBernstein
Expose condition about disabled Shoot reconciliations in the Seed
d4956b6 
… status

- Extract `HasShootReconciliationsDisabledAnnotation` fn

Signed-off-by: Luca Bernstein <luca.bernstein@sap.com>
@LucaBernstein
Do not schedule new Shoots to Seeds with temporarily disabled `Sh…
2185902 
…oot` reconciliation

Signed-off-by: Luca Bernstein <luca.bernstein@sap.com>
@LucaBernstein
Add documentation about the annotation for seed operations
e347816 
Signed-off-by: Luca Bernstein <luca.bernstein@sap.com>
@gardener-prow gardener-prow bot requested review from rfranzke and ScheererJ August 12, 2025 09:32
@gardener-prow gardener-prow bot added area/ops-productivity Operator productivity related (how to improve operations) area/robustness Robustness, reliability, resilience related kind/enhancement Enhancement, improvement, extension cla: yes Indicates the PR's author has signed the cla-assistant.io CLA. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. labels Aug 12, 2025
@ScheererJ
Copy link
Member

/assign

ScheererJ
ScheererJ reviewed Aug 12, 2025
View reviewed changes
Copy link
Member

@ScheererJ ScheererJ left a comment
edited by LucaBernstein
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot for this nice enhancement, which makes the life of operators easier in case problems arise.

rfranzke
rfranzke reviewed Aug 12, 2025
View reviewed changes
@LucaBernstein
Address review feedback
c07a68b 
- improve docs
- improve var and const namings
- condense seed health check regarding emergency annotation
- add test cases

Signed-off-by: Luca Bernstein <luca.bernstein@sap.com>
rfranzke
rfranzke reviewed Aug 13, 2025
View reviewed changes
rfranzke
rfranzke reviewed Aug 13, 2025
View reviewed changes
Copy link
Member

@rfranzke rfranzke left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

@gardener-prow gardener-prow bot added the lgtm Indicates that a PR is ready to be merged. label Aug 13, 2025
@gardener-prow Gardener Prow
Copy link
Contributor

gardener-prow bot commented Aug 13, 2025

LGTM label has been added.

Git tree hash: 68c2d9d534b2940b704c53d59e4e14ec043e7736

@gardener-prow gardener-prow bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Aug 13, 2025
@LucaBernstein
Address review feedback (2)
8e534a0 
Signed-off-by: Luca Bernstein <luca.bernstein@sap.com>
@LucaBernstein LucaBernstein force-pushed the seed-annotation-disable-shoot-reconciliations branch from 4a76da0 to 8e534a0 Compare August 13, 2025 13:35
@gardener-prow gardener-prow bot removed the lgtm Indicates that a PR is ready to be merged. label Aug 13, 2025
@gardener-prow gardener-prow bot requested review from rfranzke and ScheererJ August 13, 2025 13:35
marc1404
marc1404 reviewed Aug 13, 2025
View reviewed changes
Copy link
Member

@marc1404 marc1404 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@gardener-prow gardener-prow bot added the lgtm Indicates that a PR is ready to be merged. label Aug 13, 2025
@gardener-prow Gardener Prow
Copy link
Contributor

gardener-prow bot commented Aug 13, 2025

LGTM label has been added.

Git tree hash: c8829a51daa3b339c045e60117b60b07ca351da1

ScheererJ
ScheererJ approved these changes Aug 14, 2025
View reviewed changes
Copy link
Member

@ScheererJ ScheererJ left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm
/approve

@gardener-prow Gardener Prow
Copy link
Contributor

gardener-prow bot commented Aug 14, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: rfranzke, ScheererJ

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@gardener-prow gardener-prow bot merged commit 0e92e63 into gardener:master Aug 14, 2025
19 checks passed
@LucaBernstein LucaBernstein deleted the seed-annotation-disable-shoot-reconciliations branch August 22, 2025 08:01
Duciwuci pushed a commit to stackitcloud/gardener that referenced this pull request Sep 1, 2025
@LucaBernstein @Duciwuci
Introduce Seed annotation to temporarily disable Shoot reconcilia…
0c94749 
…tions (gardener#12712)

* Add `Seed` annotation to temporarily disable `Shoot` reconciliations

- gardenlet Shoot controller's ShouldReconcileNow is added a reason to log
- shoot.status.lastOperation is filled with Pending state so that further annotations to the Shoot after the annotation has been removed lead to a generation increase and thus a reconciliation. See: https://github.com/gardener/gardener/blob/874791cb97e96d622c994c6cc8ef4091fc9e9102/pkg/apiserver/registry/core/shoot/strategy.go#L101

Signed-off-by: Luca Bernstein <luca.bernstein@sap.com>

* Expose condition about disabled `Shoot` reconciliations in the `Seed` status

- Extract `HasShootReconciliationsDisabledAnnotation` fn

Signed-off-by: Luca Bernstein <luca.bernstein@sap.com>

* Do not schedule new `Shoot`s to `Seeds` with temporarily disabled `Shoot` reconciliation

Signed-off-by: Luca Bernstein <luca.bernstein@sap.com>

* Add documentation about the annotation for seed operations

Signed-off-by: Luca Bernstein <luca.bernstein@sap.com>

* Address review feedback

- improve docs
- improve var and const namings
- condense seed health check regarding emergency annotation
- add test cases

Signed-off-by: Luca Bernstein <luca.bernstein@sap.com>

* Address review feedback (2)

Signed-off-by: Luca Bernstein <luca.bernstein@sap.com>

---------

Signed-off-by: Luca Bernstein <luca.bernstein@sap.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@marc1404 marc1404 marc1404 left review comments

@ScheererJ ScheererJ ScheererJ approved these changes

@rfranzke rfranzke Awaiting requested review from rfranzke

Assignees

@marc1404 marc1404

@rfranzke rfranzke

@ScheererJ ScheererJ

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/ops-productivity Operator productivity related (how to improve operations) area/robustness Robustness, reliability, resilience related cla: yes Indicates the PR's author has signed the cla-assistant.io CLA. kind/enhancement Enhancement, improvement, extension lgtm Indicates that a PR is ready to be merged. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Provide Operational Emergency Switch to Prevent Propagation of Faulty Updates
4 participants
@LucaBernstein @ScheererJ @marc1404 @rfranzke