reboot if forceRebootSentinel exists

Update main.go
fix spelling
2026-02-16 18:29:50 +00:00 · 2018-06-01 13:29:49 +02:00 · 2018-05-15 14:19:08 +02:00 · 2018-05-15 12:40:54 +02:00
39 changed files with 612 additions and 1703 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -1,28 +1,20 @@
 version: 2
 jobs:
  build:
+    working_directory: /go/src/github.com/weaveworks/kured
    docker:
-      - image: cimg/go:1.13
+      - image: circleci/golang:1.8
    steps:
      - checkout
      - setup_remote_docker
-      - deploy:
-          name: Build and push image
-          command: |
-            echo "$DOCKER_PASS" | docker login --username "$DOCKER_USER" --password-stdin
-            if [ -z "${CIRCLE_TAG}" ]; then
-                make publish-image
-            else
-                make VERSION="${CIRCLE_TAG}" publish-image
-            fi
+      - run: go get github.com/golang/dep/cmd/dep
+      - run: dep ensure
+      - run: make

-workflows:
-  version: 2
-  build:
-    jobs:
-     - build:
-         filters:
-           tags:
-             only: /.*/
-           branches:
-             ignore: gh-pages
+      - deploy:
+          name: Maybe push master images
+          command: |
+            if [ -z "${CIRCLE_TAG}" -a "${CIRCLE_BRANCH}" == "master" ]; then
+              docker login -u "$DOCKER_USER" -p "$DOCKER_PASS" quay.io
+              make publish-image
+            fi
--- a/.github/ct.yaml
+++ b/.github/ct.yaml
@@ -1,6 +0,0 @@
-# See https://github.com/helm/chart-testing#configuration
-remote: origin
-chart-dirs:
-  - charts
-chart-repos: []
-helm-extra-args: --timeout 600s
--- a/.github/workflows/chart-lint.yml
+++ b/.github/workflows/chart-lint.yml
@@ -1,32 +0,0 @@
-name: lint-chart
-
-on:
-  pull_request:
-    paths:
-      - "charts/**"
-
-jobs:
-  lint-test:
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-        with:
-          fetch-depth: "0"
-
-      - name: Run chart-testing (lint)
-        id: lint
-        uses: helm/chart-testing-action@v1.0.0-rc.2
-        with:
-          command: lint
-          config: .github/ct.yaml
-
-      - name: Create kind cluster
-        uses: helm/kind-action@v1.0.0-rc.1
-        if: steps.lint.outputs.changed == 'true'
-
-      - name: Run chart-testing (install)
-        uses: helm/chart-testing-action@v1.0.0-rc.2
-        with:
-          command: install
-          config: .github/ct.yaml
--- a/.github/workflows/chart-release.yml
+++ b/.github/workflows/chart-release.yml
@@ -1,16 +0,0 @@
-name: release-chart
-on:
-  push:
-    tags:
-      - "*"
-
-jobs:
-  publish:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Publish Helm chart
-        uses: stefanprodan/helm-gh-pages@master
-        with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          charts_dir: charts
--- a/.github/workflows/check-links.yaml
+++ b/.github/workflows/check-links.yaml
@@ -1,16 +0,0 @@
-name: "Check links"
-on: [pull_request, push]
-
-jobs:
-  docs:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v1
-    - name: Link Checker
-      id: lc
-      uses: peter-evans/link-checker@v1
-      with:
-        args: -r *.md *.yaml */*/*.go -x .cluster.local
-    - name: Fail if there were link errors
-      run: exit ${{ steps.lc.outputs.exit_code }}
-
--- a/DEVELOPMENT.md
+++ b/DEVELOPMENT.md
@@ -1,106 +0,0 @@
-# Developing `kured`
-
-We love contributions to `kured`, no matter if you are [helping out on
-Slack][slack], reporting or triaging [issues][issues] or contributing code
-to `kured`.
-
-In any case, it will make sense to familiarise yourself with the main
-[README][readme] to understand the different features and options, which is
-helpful for testing. The "building" section in particular makes sense if
-you are planning to contribute code.
-
-[slack]: README.md#getting-help
-[issues]: https://github.com/weaveworks/kured/issues
-[readme]: README.md
-
-## Updating k8s support
-
-Whenever we want to update e.g. [`kubectl` in the
-image](cmd/kured/Dockerfile), we need to consider if we update `client-go`
-as well, some RBAC changes might be necessary too.
-
-This is what it took to support Kubernetes 1.14:
-<https://github.com/weaveworks/kured/pull/75>
-
-That the process can be more involved that that can be seen in
-<https://github.com/weaveworks/kured/commits/support-k8s-1.10>
-
-Once you updated everything, make sure you update the support matrix on
-the main [README][readme] as well.
-
-## Release testing
-
-Before `kured` is released, we want to make sure it still works fine on the
-previous, current and next minor version of Kubernetes (with respect to the
-embedded `client-go` & `kubectl`). For local testing e.g. `minikube` can be
-sufficient.
-
-Deploy kured in your test scenario, make sure you pass the right `image`,
-update the e.g. `period` and `reboot-days` options, so you get immediate
-results, if you login to a node and run:
-
-```console
-sudo touch /var/run/reboot-required
-```
-
-### Testing with `minikube`
-
-A test-run with `minikube` could look like this:
-
-```console
-minikube start --vm-driver kvm2 --kubernetes-version <k8s-release>
-
-# edit kured-ds.yaml to
-#   - point to new image
-#   - change e.g. period and reboot-days option for immediate results
-
-minikube kubectl -- apply -f kured-rbac.yaml
-minikube kubectl -- apply -f kured-ds.yaml
-minikube kubectl -- logs daemonset.apps/kured -n kube-system -f
-
-# In separate terminal
-minikube ssh
- sudo touch /var/run/reboot-required
-minikube logs -f
-```
-
-Now check for the 'Commanding reboot' message and minikube going down.
-
-Unfortunately as of today, you are going to run into
-<https://github.com/kubernetes/minikube/issues/2874>. This means that
-minikube won't come back easily. You will need to start minikube again.
-Then you can check for the lock release.
-
-If all the tests ran well, kured maintainers can reach out to the Weaveworks
-team to get an upcoming `kured` release tested in the Dev environment for
-real life testing.
-
-## Publishing a new kured release
-
-Check that `README.md` has an updated compatibility matrix and that the
-url in the `kubectl` incantation (under "Installation") is updated to the
-new version you want to release.
-
-Now create the `kured-<release>-dockerhub.yaml` for e.g. `1.3.0`:
-
-```sh
-VERSION=1.3.0
-MANIFEST="kured-$VERSION-dockerhub.yaml"
-cat kured-rbac.yaml > "$MANIFEST"
-cat kured-ds.yaml >> "$MANIFEST"
-sed -i "s#docker.io/weaveworks/kured#docker.io/weaveworks/kured:$VERSION#g" "$MANIFEST"
-```
-
-The last thing you need to do is update the `image:` to point to the release
-tag, e.g. `docker.io/weaveworks/kured:1.3.0`.
-
-Now you can head to the Github UI, use the version number as tag and upload the
-`kured-<release>-dockerhub.yaml` file.
-
-### Release notes
-
-Please describe what's new and noteworthy in the release notes, list the PRs
-that landed and give a shout-out to everyone who contributed.
-
-Please also note down on which releases the upcoming `kured` release was
-tested on. (Check old release notes if you're unsure.)
--- a/Gopkg.lock
+++ b/Gopkg.lock
@@ -0,0 +1,431 @@
+# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
+
+
+[[projects]]
+  name = "github.com/PuerkitoBio/purell"
+  packages = ["."]
+  revision = "0bcb03f4b4d0a9428594752bd2a3b9aa0a9d4bd4"
+  version = "v1.1.0"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/PuerkitoBio/urlesc"
+  packages = ["."]
+  revision = "bbf7a2afc14f93e1e0a5c06df524fbd75e5031e5"
+
+[[projects]]
+  name = "github.com/asaskevich/govalidator"
+  packages = ["."]
+  revision = "73945b6115bfbbcc57d89b7316e28109364124e1"
+  version = "v7"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/beorn7/perks"
+  packages = ["quantile"]
+  revision = "4c0e84591b9aa9e6dcfdf3e020114cd81f89d5f9"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/cloudfoundry-incubator/candiedyaml"
+  packages = ["."]
+  revision = "99c3df83b51532e3615f851d8c2dbb638f5313bf"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/davecgh/go-spew"
+  packages = ["spew"]
+  revision = "5215b55f46b2b919f50a1df0eaa5886afe4e3b3d"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/docker/distribution"
+  packages = [
+    "digest",
+    "reference"
+  ]
+  revision = "7365003236ca58bd7fa17ef1459328d13301d7d5"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/emicklei/go-restful"
+  packages = [
+    ".",
+    "log"
+  ]
+  revision = "b14c3a95fc27c52959d2eddc85066da3c14bf269"
+
+[[projects]]
+  name = "github.com/emicklei/go-restful-swagger12"
+  packages = ["."]
+  revision = "dcef7f55730566d41eae5db10e7d6981829720f6"
+  version = "1.0.1"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/ghodss/yaml"
+  packages = ["."]
+  revision = "aa0c862057666179de291b67d9f093d12b5a8473"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/go-openapi/analysis"
+  packages = ["."]
+  revision = "8ed83f2ea9f00f945516462951a288eaa68bf0d6"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/go-openapi/errors"
+  packages = ["."]
+  revision = "03cfca65330da08a5a440053faf994a3c682b5bf"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/go-openapi/jsonpointer"
+  packages = ["."]
+  revision = "779f45308c19820f1a69e9a4cd965f496e0da10f"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/go-openapi/jsonreference"
+  packages = ["."]
+  revision = "36d33bfe519efae5632669801b180bf1a245da3b"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/go-openapi/loads"
+  packages = ["."]
+  revision = "a80dea3052f00e5f032e860dd7355cd0cc67e24d"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/go-openapi/spec"
+  packages = ["."]
+  revision = "e51c28f07047ad90caff03f6450908720d337e0c"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/go-openapi/strfmt"
+  packages = ["."]
+  revision = "610b6cacdcde6852f4de68998bd20ce1dac85b22"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/go-openapi/swag"
+  packages = ["."]
+  revision = "24ebf76d720bab64f62824d76bced3184a65490d"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/gogo/protobuf"
+  packages = [
+    "proto",
+    "sortkeys"
+  ]
+  revision = "e33835a643a970c11ac74f6333f5f6866387a101"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/golang/glog"
+  packages = ["."]
+  revision = "23def4e6c14b4da8ac2ed8007337bc5eb5007998"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/golang/protobuf"
+  packages = ["proto"]
+  revision = "2bba0603135d7d7f5cb73b2125beeda19c09f4ef"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/google/gofuzz"
+  packages = ["."]
+  revision = "fd52762d25a41827db7ef64c43756fd4b9f7e382"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/inconshreveable/mousetrap"
+  packages = ["."]
+  revision = "76626ae9c91c4f2a10f34cad8ce83ea42c93bb75"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/juju/ratelimit"
+  packages = ["."]
+  revision = "5b9ff866471762aa2ab2dced63c9fb6f53921342"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/mailru/easyjson"
+  packages = [
+    "buffer",
+    "jlexer",
+    "jwriter"
+  ]
+  revision = "2af9a745a611440bab0528e5ac19b2805a1c50eb"
+
+[[projects]]
+  name = "github.com/matttproud/golang_protobuf_extensions"
+  packages = ["pbutil"]
+  revision = "3247c84500bff8d9fb6d579d800f20b3e091582c"
+  version = "v1.0.0"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/mitchellh/mapstructure"
+  packages = ["."]
+  revision = "d0303fe809921458f417bcf828397a65db30a7e4"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/prometheus/client_golang"
+  packages = [
+    "api/prometheus",
+    "prometheus",
+    "prometheus/promhttp"
+  ]
+  revision = "5636dc67ae776adf5590da7349e70fbb9559972d"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/prometheus/client_model"
+  packages = ["go"]
+  revision = "6f3806018612930941127f2a7c6c453ba2c527d2"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/prometheus/common"
+  packages = [
+    "expfmt",
+    "internal/bitbucket.org/ww/goautoneg",
+    "model"
+  ]
+  revision = "ebdfc6da46522d58825777cf1f90490a5b1ef1d8"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/prometheus/procfs"
+  packages = [
+    ".",
+    "xfs"
+  ]
+  revision = "e645f4e5aaa8506fc71d6edbc5c4ff02c04c46f2"
+
+[[projects]]
+  name = "github.com/sirupsen/logrus"
+  packages = ["."]
+  revision = "c155da19408a8799da419ed3eeb0cb5db0ad5dbc"
+  version = "v1.0.5"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/spf13/cobra"
+  packages = ["."]
+  revision = "b24564e919247d7c870fe0ed3738c98d8741aca4"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/spf13/pflag"
+  packages = ["."]
+  revision = "367864438f1b1a3c7db4da06a2f55b144e6784e0"
+
+[[projects]]
+  branch = "master"
+  name = "github.com/ugorji/go"
+  packages = ["codec"]
+  revision = "3487a5545b3d480987dfb0492035299077fab33a"
+
+[[projects]]
+  branch = "master"
+  name = "golang.org/x/crypto"
+  packages = ["ssh/terminal"]
+  revision = "beb2a9779c3b677077c41673505f150149fce895"
+
+[[projects]]
+  branch = "master"
+  name = "golang.org/x/net"
+  packages = [
+    "context",
+    "context/ctxhttp",
+    "http2",
+    "http2/hpack",
+    "idna"
+  ]
+  revision = "2a35e686583654a1b89ca79c4ac78cb3d6529ca3"
+
+[[projects]]
+  branch = "master"
+  name = "golang.org/x/sys"
+  packages = [
+    "unix",
+    "windows"
+  ]
+  revision = "3b87a42e500a6dc65dae1a55d0b641295971163e"
+
+[[projects]]
+  branch = "master"
+  name = "golang.org/x/text"
+  packages = [
+    "internal/gen",
+    "internal/triegen",
+    "internal/ucd",
+    "transform",
+    "unicode/cldr",
+    "unicode/norm",
+    "width"
+  ]
+  revision = "a9a820217f98f7c8a207ec1e45a874e1fe12c478"
+
+[[projects]]
+  branch = "master"
+  name = "gopkg.in/inf.v0"
+  packages = ["."]
+  revision = "3887ee99ecf07df5b447e9b00d9c0b2adaa9f3e4"
+
+[[projects]]
+  branch = "v2"
+  name = "gopkg.in/mgo.v2"
+  packages = [
+    "bson",
+    "internal/json"
+  ]
+  revision = "3f83fa5005286a7fe593b055f0d7771a7dce4655"
+
+[[projects]]
+  branch = "v2"
+  name = "gopkg.in/yaml.v2"
+  packages = ["."]
+  revision = "cd8b52f8269e0feb286dfeef29f8fe4d5b397e0b"
+
+[[projects]]
+  branch = "release-1.7"
+  name = "k8s.io/apimachinery"
+  packages = [
+    "pkg/api/equality",
+    "pkg/api/errors",
+    "pkg/api/meta",
+    "pkg/api/resource",
+    "pkg/apimachinery",
+    "pkg/apimachinery/announced",
+    "pkg/apimachinery/registered",
+    "pkg/apis/meta/v1",
+    "pkg/apis/meta/v1/unstructured",
+    "pkg/apis/meta/v1alpha1",
+    "pkg/conversion",
+    "pkg/conversion/queryparams",
+    "pkg/conversion/unstructured",
+    "pkg/fields",
+    "pkg/labels",
+    "pkg/openapi",
+    "pkg/runtime",
+    "pkg/runtime/schema",
+    "pkg/runtime/serializer",
+    "pkg/runtime/serializer/json",
+    "pkg/runtime/serializer/protobuf",
+    "pkg/runtime/serializer/recognizer",
+    "pkg/runtime/serializer/streaming",
+    "pkg/runtime/serializer/versioning",
+    "pkg/selection",
+    "pkg/types",
+    "pkg/util/clock",
+    "pkg/util/diff",
+    "pkg/util/errors",
+    "pkg/util/framer",
+    "pkg/util/intstr",
+    "pkg/util/json",
+    "pkg/util/net",
+    "pkg/util/rand",
+    "pkg/util/runtime",
+    "pkg/util/sets",
+    "pkg/util/validation",
+    "pkg/util/validation/field",
+    "pkg/util/wait",
+    "pkg/util/yaml",
+    "pkg/version",
+    "pkg/watch",
+    "third_party/forked/golang/reflect"
+  ]
+  revision = "8ab5f3d8a330c2e9baaf84e39042db8d49034ae2"
+
+[[projects]]
+  name = "k8s.io/client-go"
+  packages = [
+    "discovery",
+    "kubernetes",
+    "kubernetes/scheme",
+    "kubernetes/typed/admissionregistration/v1alpha1",
+    "kubernetes/typed/apps/v1beta1",
+    "kubernetes/typed/authentication/v1",
+    "kubernetes/typed/authentication/v1beta1",
+    "kubernetes/typed/authorization/v1",
+    "kubernetes/typed/authorization/v1beta1",
+    "kubernetes/typed/autoscaling/v1",
+    "kubernetes/typed/autoscaling/v2alpha1",
+    "kubernetes/typed/batch/v1",
+    "kubernetes/typed/batch/v2alpha1",
+    "kubernetes/typed/certificates/v1beta1",
+    "kubernetes/typed/core/v1",
+    "kubernetes/typed/extensions/v1beta1",
+    "kubernetes/typed/networking/v1",
+    "kubernetes/typed/policy/v1beta1",
+    "kubernetes/typed/rbac/v1alpha1",
+    "kubernetes/typed/rbac/v1beta1",
+    "kubernetes/typed/settings/v1alpha1",
+    "kubernetes/typed/storage/v1",
+    "kubernetes/typed/storage/v1beta1",
+    "pkg/api",
+    "pkg/api/v1",
+    "pkg/api/v1/ref",
+    "pkg/apis/admissionregistration",
+    "pkg/apis/admissionregistration/v1alpha1",
+    "pkg/apis/apps",
+    "pkg/apis/apps/v1beta1",
+    "pkg/apis/authentication",
+    "pkg/apis/authentication/v1",
+    "pkg/apis/authentication/v1beta1",
+    "pkg/apis/authorization",
+    "pkg/apis/authorization/v1",
+    "pkg/apis/authorization/v1beta1",
+    "pkg/apis/autoscaling",
+    "pkg/apis/autoscaling/v1",
+    "pkg/apis/autoscaling/v2alpha1",
+    "pkg/apis/batch",
+    "pkg/apis/batch/v1",
+    "pkg/apis/batch/v2alpha1",
+    "pkg/apis/certificates",
+    "pkg/apis/certificates/v1beta1",
+    "pkg/apis/extensions",
+    "pkg/apis/extensions/v1beta1",
+    "pkg/apis/networking",
+    "pkg/apis/networking/v1",
+    "pkg/apis/policy",
+    "pkg/apis/policy/v1beta1",
+    "pkg/apis/rbac",
+    "pkg/apis/rbac/v1alpha1",
+    "pkg/apis/rbac/v1beta1",
+    "pkg/apis/settings",
+    "pkg/apis/settings/v1alpha1",
+    "pkg/apis/storage",
+    "pkg/apis/storage/v1",
+    "pkg/apis/storage/v1beta1",
+    "pkg/util",
+    "pkg/util/parsers",
+    "pkg/version",
+    "rest",
+    "rest/watch",
+    "tools/clientcmd/api",
+    "tools/metrics",
+    "transport",
+    "util/cert",
+    "util/flowcontrol",
+    "util/integer"
+  ]
+  revision = "d92e8497f71b7b4e0494e5bd204b48d34bd6f254"
+  version = "v4.0.0"
+
+[solve-meta]
+  analyzer-name = "dep"
+  analyzer-version = 1
+  inputs-digest = "029e6d2251ccbf5acdfc3bc0c36f340dc3a98511b0d7338c3e9bb167e412a155"
+  solver-name = "gps-cdcl"
+  solver-version = 1
--- a/Gopkg.toml
+++ b/Gopkg.toml
@@ -0,0 +1,24 @@
+
+[[constraint]]
+  name = "github.com/sirupsen/logrus"
+  version = "v1.0.5"
+
+[[constraint]]
+  branch = "master"
+  name = "github.com/prometheus/client_golang"
+
+[[constraint]]
+  branch = "master"
+  name = "github.com/prometheus/common"
+
+[[constraint]]
+  branch = "master"
+  name = "github.com/spf13/cobra"
+
+[[constraint]]
+  name = "k8s.io/client-go"
+  version = "v4.0.0"
+
+[[constraint]]
+  name = "k8s.io/apimachinery"
+  branch = "release-1.7"
--- a/11
+++ b/11
@@ -3,15 +3,15 @@

 DH_ORG=weaveworks
 VERSION=$(shell git symbolic-ref --short HEAD)-$(shell git rev-parse --short HEAD)
-SUDO=$(shell docker info >/dev/null 2>&1 || echo "sudo -E")

 all: image

 clean:
+	go clean
 	rm -f cmd/kured/kured
 	rm -rf ./build

-godeps=$(shell go list -f '{{join .Deps "\n"}}' $1 | grep -v /vendor/ | xargs go list -f '{{if not .Standard}}{{ $$dep := . }}{{range .GoFiles}}{{$$dep.Dir}}/{{.}} {{end}}{{end}}')
+godeps=$(shell go get $1 && go list -f '{{join .Deps "\n"}}' $1 | grep -v /vendor/ | xargs go list -f '{{if not .Standard}}{{ $$dep := . }}{{range .GoFiles}}{{$$dep.Dir}}/{{.}} {{end}}{{end}}')

 DEPS=$(call godeps,./cmd/kured)

@@ -22,14 +22,13 @@ cmd/kured/kured: cmd/kured/*.go
 build/.image.done: cmd/kured/Dockerfile cmd/kured/kured
 	mkdir -p build
 	cp $^ build
-	$(SUDO) docker build -t docker.io/$(DH_ORG)/kured -f build/Dockerfile ./build
-	$(SUDO) docker tag docker.io/$(DH_ORG)/kured docker.io/$(DH_ORG)/kured:$(VERSION)
+	sudo -E docker build -t quay.io/$(DH_ORG)/kured:$(VERSION) -f build/Dockerfile ./build
 	touch $@

 image: build/.image.done

 publish-image: image
-	$(SUDO) docker push docker.io/$(DH_ORG)/kured:$(VERSION)
+	sudo -E docker push quay.io/$(DH_ORG)/kured:$(VERSION)

 minikube-publish: image
-	$(SUDO) docker save docker.io/$(DH_ORG)/kured | (eval $$(minikube docker-env) && docker load)
+	sudo -E docker save quay.io/$(DH_ORG)/kured:$(VERSION) | (eval $$(minikube docker-env) && docker load)
--- a/README.md
+++ b/README.md
@@ -1,26 +1,20 @@

-# kured - Kubernetes Reboot Daemon
-
 <img src="https://github.com/weaveworks/kured/raw/master/img/logo.png" align="right"/>

 * [Introduction](#introduction)
 * [Kubernetes & OS Compatibility](#kubernetes-&-os-compatibility)
 * [Installation](#installation)
 * [Configuration](#configuration)
-  * [Reboot Sentinel File & Period](#reboot-sentinel-file-&-period)
-  * [Setting a schedule](#setting-a-schedule)
-  * [Blocking Reboots via Alerts](#blocking-reboots-via-alerts)
-  * [Blocking Reboots via Pods](#blocking-reboots-via-pods)
-  * [Prometheus Metrics](#prometheus-metrics)
-  * [Slack Notifications](#slack-notifications)
-  * [Overriding Lock Configuration](#overriding-lock-configuration)
+	* [Reboot Sentinel File & Period](#reboot-sentinel-file-&-period)
+	* [Blocking Reboots via Alerts](#blocking-reboots-via-alerts)
+	* [Prometheus Metrics](#prometheus-metrics)
+	* [Slack Notifications](#slack-notifications)
+	* [Overriding Lock Configuration](#overriding-lock-configuration)
 * [Operation](#operation)
-  * [Testing](#testing)
-  * [Disabling Reboots](#disabling-reboots)
-  * [Manual Unlock](#manual-unlock)
-  * [Automatic Unlock](#automatic-unlock)
+	* [Testing](#testing)
+	* [Disabling Reboots](#disabling-reboots)
+	* [Manual Unlock](#manual-unlock)
 * [Building](#building)
-* [Frequently Asked/Anticipated Questions](#frequently-askedanticipated-questions)
 * [Getting Help](#getting-help)

 ## Introduction
@@ -32,39 +26,30 @@ indicated by the package management system of the underlying OS.
 * Watches for the presence of a reboot sentinel e.g. `/var/run/reboot-required`
 * Utilises a lock in the API server to ensure only one node reboots at
  a time
-* Optionally defers reboots in the presence of active Prometheus alerts or selected pods
+* Optionally defers reboots in the presence of active Prometheus alerts
 * Cordons & drains worker nodes before reboot, uncordoning them after

 ## Kubernetes & OS Compatibility

-The daemon image contains versions of `k8s.io/client-go` and the
-`kubectl` binary for the purposes of maintaining the lock and draining
-worker nodes. Kubernetes aims to provide forwards & backwards
-compatibility of one minor version between client and server:
+The daemon image contains a 1.7.x `k8s.io/client-go` and `kubectl`
+binary for the purposes of maintaining the lock and draining worker
+nodes. Whilst it has only been tested on a 1.7.x cluster, Kubernetes
+typically has good forwards/backwards compatibility so there is a
+reasonable chance it will work on adjacent versions; please file an
+issue if this is not the case.

-| kured  | kubectl | k8s.io/client-go | k8s.io/apimachinery | expected kubernetes compatibility |
-|--------|---------|------------------|---------------------|-----------------------------------|
-| master | 1.17.7  | v0.17.0          | v0.17.0             | 1.16.x, 1.17.x, 1.18.x            |
-| 1.4.2  | 1.17.7  | v0.17.0          | v0.17.0             | 1.16.x, 1.17.x, 1.18.x            |
-| 1.3.0  | 1.15.10 | v12.0.0          | release-1.15        | 1.15.x, 1.16.x, 1.17.x            |
-| 1.2.0  | 1.13.6  | v10.0.0          | release-1.13        | 1.12.x, 1.13.x, 1.14.x            |
-| 1.1.0  | 1.12.1  | v9.0.0           | release-1.12        | 1.11.x, 1.12.x, 1.13.x            |
-| 1.0.0  | 1.7.6   | v4.0.0           | release-1.7         | 1.6.x, 1.7.x, 1.8.x               |
-
-See the [release notes](https://github.com/weaveworks/kured/releases)
-for specific version compatibility information, including which
-combination have been formally tested.
-
-Versions >=1.1.0 enter the host mount namespace to invoke
-`systemctl reboot`, so should work on any systemd distribution.
+Additionally, the image contains a `systemctl` binary from Ubuntu
+16.04 in order to command reboots. Again, although this has not been
+tested against other systemd distributions there is a good chance that
+it will work.

 ## Installation

 To obtain a default installation without Prometheus alerting interlock
 or Slack notifications:

-```console
-kubectl apply -f https://github.com/weaveworks/kured/releases/download/1.3.0/kured-1.3.0-dockerhub.yaml
+```
+kubectl apply -f https://github.com/weaveworks/kured/releases/download/1.0.0/kured-ds.yaml
 ```

 If you want to customise the installation, download the manifest and
@@ -74,25 +59,18 @@ edit it in accordance with the following section before application.

 The following arguments can be passed to kured via the daemonset pod template:

-```console
+```
 Flags:
-      --annotation-ttl time                  force clean annotation after this ammount of time (default 0, disabled)
-      --alert-filter-regexp regexp.Regexp   alert names to ignore when checking for active alerts
-      --blocking-pod-selector stringArray   label selector identifying pods whose presence should prevent reboots
-      --ds-name string                      name of daemonset on which to place lock (default "kured")
-      --ds-namespace string                 namespace containing daemonset on which to place lock (default "kube-system")
-      --end-time string                     only reboot before this time of day (default "23:59")
-  -h, --help                                help for kured
-      --lock-annotation string              annotation in which to record locking node (default "weave.works/kured-node-lock")
-      --period duration                     reboot check period (default 1h0m0s)
-      --prometheus-url string               Prometheus instance to probe for active alerts
-      --reboot-days strings                 only reboot on these days (default [su,mo,tu,we,th,fr,sa])
-      --reboot-sentinel string              path to file whose existence signals need to reboot (default "/var/run/reboot-required")
-      --slack-channel string                slack channel for reboot notfications
-      --slack-hook-url string               slack hook URL for reboot notfications
-      --slack-username string               slack username for reboot notfications (default "kured")
-      --start-time string                   only reboot after this time of day (default "0:00")
-      --time-zone string                    use this timezone to calculate allowed reboot time (default "UTC")
+      --alert-filter-regexp value    alert names to ignore when checking for active alerts
+      --ds-name string               namespace containing daemonset on which to place lock (default "kube-system")
+      --ds-namespace string          name of daemonset on which to place lock (default "kured")
+      --lock-annotation string       annotation in which to record locking node (default "weave.works/kured-node-lock")
+      --period duration              reboot check period (default 1h0m0s)
+      --prometheus-url string        Prometheus instance to probe for active alerts
+      --reboot-sentinel string       path to file whose existence signals need to reboot (default "/var/run/reboot-required")
+      --force-reboot-sentinel string path to file whose existence signals need to force reboot aka. ignore active prometheus alerts (default "/var/run/force-reboot-required")
+      --slack-hook-url string        slack hook URL for reboot notfications
+      --slack-username string        slack username for reboot notfications (default "kured")
 ```

 ### Reboot Sentinel File & Period
@@ -103,80 +81,32 @@ values with `--reboot-sentinel` and `--period`. Each replica of the
 daemon uses a random offset derived from the period on startup so that
 nodes don't all contend for the lock simultaneously.

-### Setting a schedule
-
-By default, kured will reboot any time it detects the sentinel, but this
-may cause reboots during odd hours.  While service disruption does not
-normally occur, anything is possible and operators may want to restrict
-reboots to predictable schedules.  Use `--reboot-days`, `--start-time`,
-`--end-time`, and `--time-zone` to set a schedule.  For example, business
-hours on the west coast USA can be specified with:
-
-```console
-  --reboot-days mon,tue,wed,thu,fri
-  --start-time 9am
-  --end-time 5pm
-  --time-zone America/Los_Angeles
-```
-
-Times can be formatted in numerous ways, including `5pm`, `5:00pm` `17:00`,
-and `17`.  `--time-zone` represents a Go `time.Location`, and can be `UTC`,
-`Local`, or any entry in the standard Linux tz database.
-
-Note that when using smaller time windows, you should consider shortening
-the sentinel check period (`--period`).
-
 ### Blocking Reboots via Alerts

 You may find it desirable to block automatic node reboots when there
 are active alerts - you can do so by providing the URL of your
 Prometheus server:

-```console
+```
 --prometheus-url=http://prometheus.monitoring.svc.cluster.local
 ```

 By default the presence of *any* active (pending or firing) alerts
 will block reboots, however you can ignore specific alerts:

-```console
+```
 --alert-filter-regexp=^(RebootRequired|AnotherBenignAlert|...$
 ```

-See the section on Prometheus metrics for an important application of this
-filter.
-
-### Blocking Reboots via Pods
-
-You can also block reboots of an _individual node_ when specific pods
-are scheduled on it:
-
-```console
--blocking-pod-selector=runtime=long,cost=expensive
-```
-
-Since label selector strings use commas to express logical 'and', you can
-specify this parameter multiple times for 'or':
-
-```console
--blocking-pod-selector=runtime=long,cost=expensive
--blocking-pod-selector=name=temperamental
-```
-
-In this case, the presence of either an (appropriately labelled) expensive long
-running job or a known temperamental pod on a node will stop it rebooting.
-
-> Try not to abuse this mechanism - it's better to strive for
-> restartability where possible. If you do use it, make sure you set
-> up a RebootRequired alert as described in the next section so that
-> you can intervene manually if reboots are blocked for too long.
+An important application of this filter will become apparent in the
+next section.

 ### Prometheus Metrics

 Each kured pod exposes a single gauge metric (`:8080/metrics`) that
 indicates the presence of the sentinel file:

-```console
+```
 # HELP kured_reboot_required OS requires reboot due to software updates.
 # TYPE kured_reboot_required gauge
 kured_reboot_required{node="ip-xxx-xxx-xxx-xxx.ec2.internal"} 0
@@ -186,7 +116,7 @@ The purpose of this metric is to power an alert which will summon an
 operator if the cluster cannot reboot itself automatically for a
 prolonged period:

-```console
+```
 # Alert if a reboot is required for any machines. Acts as a failsafe for the
 # reboot daemon, which will not reboot nodes if there are pending alerts save
 # this one.
@@ -210,7 +140,7 @@ probe for active alerts before rebooting, be sure to specify
 If you specify a Slack hook via `--slack-hook-url`, kured will notify
 you immediately prior to rebooting a node:

-![Notification](img/slack-notification.png)
+<img src="https://github.com/weaveworks/kured/raw/master/img/slack-notification.png"/>

 We recommend setting `--slack-username` to be the name of the
 environment, e.g. `dev` or `prod`.
@@ -236,7 +166,7 @@ if you have, you will have to adjust the commands accordingly.

 You can test your configuration by provoking a reboot on a node:

-```console
+```
 sudo touch /var/run/reboot-required
 ```

@@ -245,7 +175,7 @@ sudo touch /var/run/reboot-required
 If you need to temporarily stop kured from rebooting any nodes, you
 can take the lock manually:

-```console
+```
 kubectl -n kube-system annotate ds kured weave.works/kured-node-lock='{"nodeID":"manual"}'
 ```

@@ -257,63 +187,25 @@ In exceptional circumstances, such as a node experiencing a permanent
 failure whilst rebooting, manual intervention may be required to
 remove the cluster lock:

-```console
+```
 kubectl -n kube-system annotate ds kured weave.works/kured-node-lock-
 ```
-
 > NB the `-` at the end of the command is important - it instructs
 > `kubectl` to remove that annotation entirely.

-### Automatic Unlock
-
-In exceptional circumstances (especially when used with cluster-autoscaler) a node
-which holds lock might be killed thus annotation will stay there for ever.
-
-Using `--annotation-ttl=30m` will allow other nodes to take over if TTL has expired (in this case 30min) and continue reboot process.
-
 ## Building

-See the [CircleCI config](.circleci/config.yml) for the preferred
-version of Golang. Kured now uses [Go
-Modules](https://github.com/golang/go/wiki/Modules), so build
-instructions vary depending on where you have checked out the
-repository:
-
-**Building outside $GOPATH:**
-
-```console
-make
 ```
-
-**Building inside $GOPATH:**
-
-```console
-GO111MODULE=on make
+dep ensure && make
 ```

-If you are interested in contributing code to kured, please take a look at
-our [development][development] docs.
-
-[development]: DEVELOPMENT.md
-
-## Frequently Asked/Anticipated Questions
-
-### Why is there no `latest` tag on Docker Hub?
-
-Use of `latest` for production deployments is bad practice - see
-[here](https://kubernetes.io/docs/concepts/configuration/overview) for
-details. The manifest on `master` refers to `latest` for local
-development testing with minikube only; for production use choose a
-versioned manifest from the [release page](https://github.com/weaveworks/kured/releases/).
-
 ## Getting Help

 If you have any questions about, feedback for or problems with `kured`:

-* Invite yourself to the <a href="https://slack.weave.works/" target="_blank">Weave Users Slack</a>.
-* Ask a question on the [#kured](https://weave-community.slack.com/messages/kured/) slack channel.
-* [File an issue](https://github.com/weaveworks/kured/issues/new).
-* Join us in [our monthly meeting](https://docs.google.com/document/d/1bsHTjHhqaaZ7yJnXF6W8c89UB_yn-OoSZEmDnIP34n8/edit#),
-  every fourth Wednesday of the month at 16:00 UTC.
+- Invite yourself to the <a href="https://weaveworks.github.io/community-slack/" target="_blank"> #weave-community </a> slack channel.
+- Ask a question on the <a href="https://weave-community.slack.com/messages/general/"> #weave-community</a> slack channel.
+- Send an email to <a href="mailto:weave-users@weave.works">weave-users@weave.works</a>
+- <a href="https://github.com/weaveworks/kured/issues/new">File an issue.</a>

 Your feedback is always welcome!
--- a/charts/kured/.helmignore
+++ b/charts/kured/.helmignore
@@ -1,21 +0,0 @@
-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
--- a/charts/kured/Chart.yaml
+++ b/charts/kured/Chart.yaml
@@ -1,14 +0,0 @@
-apiVersion: v1
-appVersion: "1.4.2"
-description: A Helm chart for kured
-name: kured
-version: 2.0.0
-home: https://github.com/weaveworks/kured
-maintainers:
-  - name: dholbach
-    email: daniel@weave.works
-  - name: ckotzbauer
-    email: christian.kotzbauer@gmail.com
-sources:
-  - https://github.com/weaveworks/kured
-icon: https://raw.githubusercontent.com/weaveworks/kured/master/img/logo.png
--- a/charts/kured/README.md
+++ b/charts/kured/README.md
@@ -1,102 +0,0 @@
-# Kured (KUbernetes REboot Daemon)
-
-## Introduction
-This chart installs the "Kubernetes Reboot Daemon" using the Helm Package Manager.
-
-## Prerequisites
- Kubernetes 1.9+
-
-## Installing the Chart
-To install the chart with the release name `my-release`:
-```bash
-$ helm repo add kured https://weaveworks.github.io/kured
-$ helm install my-release kured/kured
-```
-
-## Uninstalling the Chart
-To uninstall/delete the `my-release` deployment:
-```bash
-$ helm delete my-release
-```
-
-The command removes all the Kubernetes components associated with the chart and deletes the release.
-
-
-## Migrate from stable Helm-Chart
-The following changes have been made compared to the stable chart:
- **[BREAKING CHANGE]** The `autolock` feature was removed. Use `configuration.startTime` and `configuration.endTime` instead.
- Role inconsistencies have been fixed (allowed verbs for modifying the `DaemonSet`, apiGroup of `PodSecurityPolicy`)
- Added support for affinities.
- Configuration of cli-flags can be made through a `configuration` object.
- Added optional `Service` and `ServiceMonitor` support for metrics endpoint.
-
-
-## Configuration
-
-| Config                  | Description                                                                 | Default                    |
-| ------                  | -----------                                                                 | -------                    |
-| `image.repository`      | Image repository                                                            | `weaveworks/kured` |
-| `image.tag`             | Image tag                                                                   | `1.4.2`                    |
-| `image.pullPolicy`      | Image pull policy                                                           | `IfNotPresent`             |
-| `image.pullSecrets`     | Image pull secrets                                                          | `[]`                       |
-| `updateStrategy`        | Daemonset update strategy                                                   | `OnDelete`                 |
-| `podAnnotations`        | Annotations to apply to pods (eg to add Prometheus annotations)             | `{}`                       |
-| `extraArgs`             | Extra arguments to pass to `/usr/bin/kured`. See below.                     | `{}`                       |
-| `configuration.annotationTtl` | cli-parameter `--annotation-ttl`                                      | `0`                       |
-| `configuration.alertFilterRegexp` | cli-parameter `--alert-filter-regexp`                             | `""`                       |
-| `configuration.blockingPodSelector` | Array of selectors for multiple cli-parameters `--blocking-pod-selector` | `[]`             |
-| `configuration.endTime` | cli-parameter `--end-time`                                                  | `""`                      |
-| `configuration.lockAnnotation` | cli-parameter `--lock-annotation`                                    | `""`                      |
-| `configuration.period` | cli-parameter `--period`                                                     | `""`                      |
-| `configuration.prometheusUrl` | cli-parameter `--prometheus-url`                                      | `""`                      |
-| `configuration.rebootDays` | Array of days for multiple cli-parameters `--reboot-days`                | `[]`                      |
-| `configuration.rebootSentinel` | cli-parameter `--reboot-sentinel`                                    | `""`                      |
-| `configuration.slackChannel` | cli-parameter `--slack-channel`                                        | `""`                      |
-| `configuration.slackHookUrl` | cli-parameter `--slack-hook-url`                                       | `""`                      |
-| `configuration.slackUsername` | cli-parameter `--slack-username`                                      | `""`                      |
-| `configuration.startTime` | cli-parameter `--start-time`                                              | `""`                      |
-| `configuration.timeZone` | cli-parameter `--time-zone`                                                | `""`                      |
-| `rbac.create`           | Create RBAC roles                                                           | `true`                     |
-| `serviceAccount.create` | Create a service account                                                    | `true`                     |
-| `serviceAccount.name`   | Service account name to create (or use if `serviceAccount.create` is false) | (chart fullname)           |
-| `podSecurityPolicy.create` | Create podSecurityPolicy                                                 | `false`                     |
-| `resources`             | Resources requests and limits.                                              | `{}`                       |
-| `metrics.create`        | Create a Service for the metrics endpoint                                   | `false`                    |
-| `metrics.serviceMonitor.create` | Create a ServiceMonitor for prometheus-operator                     | `true`                    |
-| `metrics.serviceMonitor.namespace` | The namespace to create the ServiceMonitor in                    | `""`                    |
-| `metrics.serviceMonitor.labels` | Additional labels for the ServiceMonitor                            | `{}`                    |
-| `metrics.serviceMonitor.interval` | Interval prometheus should scrape the endpoint                    | `60s`                   |
-| `metrics.serviceMonitor.scrapeTimeout` | A custom scrapeTimeout for prometheus                        | `""`                    |
-| `priorityClassName`     | Priority Class to be used by the pods                                       | `""`                       |
-| `tolerations`           | Tolerations to apply to the daemonset (eg to allow running on master)       | `[{"key": "node-role.kubernetes.io/master", "effect": "NoSchedule"}]`|
-| `affinity`              | Affinity for the daemonset (ie, restrict which nodes kured runs on)         | `{}`                       |
-| `nodeSelector`          | Node Selector for the daemonset (ie, restrict which nodes kured runs on)    | `{}`                       |
-
-See https://github.com/weaveworks/kured#configuration for values (not contained in the `configuration` object) for `extraArgs`. Note that
-```yaml
-extraArgs:
-  foo: 1
-  bar-baz: 2
-```
-becomes `/usr/bin/kured ... --foo=1 --bar-baz=2`.
-
-
-## Prometheus Metrics
-
-Kured exposes a single prometheus metric indicating whether a reboot is required or not (see [kured docs](https://github.com/weaveworks/kured#prometheus-metrics)) for details. 
-
-#### Prometheus-Operator
-
-```yaml
-metrics:
-  create: true
-```
-
-#### Prometheus Annotations
-
-```yaml
-podAnnotations:
-  prometheus.io/scrape: "true"
-  prometheus.io/path: "/metrics"
-  prometheus.io/port: "8080"
-```
--- a/charts/kured/templates/NOTES.txt
+++ b/charts/kured/templates/NOTES.txt
@@ -1,3 +0,0 @@
-Kured will check for /var/run/reboot-required, and reboot nodes when needed.
-
-See https://github.com/weaveworks/kured/ for details.
--- a/charts/kured/templates/_helpers.tpl
+++ b/charts/kured/templates/_helpers.tpl
@@ -1,64 +0,0 @@
-{{/* vim: set filetype=mustache: */}}
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "kured.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "kured.fullname" -}}
-{{- if .Values.fullnameOverride -}}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- $name := default .Chart.Name .Values.nameOverride -}}
-{{- if contains $name .Release.Name -}}
-{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "kured.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create the name of the service account to use
-*/}}
-{{- define "kured.serviceAccountName" -}}
-{{- if .Values.serviceAccount.create -}}
-    {{ default (include "kured.fullname" .) .Values.serviceAccount.name }}
-{{- else -}}
-    {{ default "default" .Values.serviceAccount.name }}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Return the appropriate apiVersion for podsecuritypolicy.
-*/}}
-{{- define "kured.psp.apiVersion" -}}
-{{- if semverCompare "<1.10-0" .Capabilities.KubeVersion.GitVersion -}}
-{{- print "extensions/v1beta1" -}}
-{{- else -}}
-{{- print "policy/v1beta1" -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Returns a set of labels applied to each resource.
-*/}}
-{{- define "kured.labels" -}}
-app: {{ template "kured.name" . }}
-chart: {{ template "kured.chart" . }}
-release: {{ .Release.Name }}
-heritage: {{ .Release.Service }}
-{{- end -}}
--- a/charts/kured/templates/clusterrole.yaml
+++ b/charts/kured/templates/clusterrole.yaml
@@ -1,30 +0,0 @@
-{{- if .Values.rbac.create -}}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: {{ template "kured.fullname" . }}
-  labels:
-    {{- include "kured.labels" . | nindent 4 }}
-rules:
-# Allow kured to read spec.unschedulable
-# Allow kubectl to drain/uncordon
-#
-# NB: These permissions are tightly coupled to the bundled version of kubectl; the ones below
-# match https://github.com/kubernetes/kubernetes/blob/v1.12.1/pkg/kubectl/cmd/drain.go
-#
- apiGroups: [""]
-  resources: ["nodes"]
-  verbs:     ["get", "patch"]
- apiGroups: [""]
-  resources: ["pods"]
-  verbs:     ["list","delete","get"]
- apiGroups: ["extensions"]
-  resources: ["daemonsets"]
-  verbs:     ["get"]
- apiGroups: ["apps"]
-  resources: ["daemonsets"]
-  verbs:     ["get"]
- apiGroups: [""]
-  resources: ["pods/eviction"]
-  verbs:     ["create"]
-{{- end -}}
--- a/charts/kured/templates/clusterrolebinding.yaml
+++ b/charts/kured/templates/clusterrolebinding.yaml
@@ -1,16 +0,0 @@
-{{- if .Values.rbac.create -}}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: {{ template "kured.fullname" . }}
-  labels:
-    {{- include "kured.labels" . | nindent 4 }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: {{ template "kured.fullname" . }}
-subjects:
- kind: ServiceAccount
-  name: {{ template "kured.serviceAccountName" . }}
-  namespace: {{ .Release.Namespace }}
-{{- end -}}
--- a/charts/kured/templates/daemonset.yaml
+++ b/charts/kured/templates/daemonset.yaml
@@ -1,118 +0,0 @@
-apiVersion: apps/v1
-kind: DaemonSet
-metadata:
-  name: {{ template "kured.fullname" . }}
-  namespace: {{ .Release.Namespace }}
-  labels:
-    {{- include "kured.labels" . | nindent 4 }}
-spec:
-  updateStrategy:
-    type: {{ .Values.updateStrategy }}
-  selector:
-    matchLabels:
-      {{- include "kured.labels" . | nindent 6 }}
-  template:
-    metadata:
-      labels:
-        {{- include "kured.labels" . | nindent 8 }}
-      {{- if .Values.podAnnotations }}
-      annotations:
-      {{- range $key, $value := .Values.podAnnotations }}
-        {{ $key }}: {{ $value | quote }}
-      {{- end }}
-      {{- end }}
-    spec:
-      serviceAccountName: {{ template "kured.serviceAccountName" . }}
-      hostPID: true
-      restartPolicy: Always
-      {{- with .Values.image.pullSecrets }}
-      imagePullSecrets:
-{{ toYaml . | indent 8 }}
-      {{- end }}
-      {{- if .Values.priorityClassName }}
-      priorityClassName: {{ .Values.priorityClassName }}
-      {{- end }}
-      containers:
-        - name: {{ .Chart.Name }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
-          securityContext:
-            privileged: true # Give permission to nsenter /proc/1/ns/mnt
-          resources:
-{{ toYaml .Values.resources | indent 12 }}
-          command:
-            - /usr/bin/kured
-          args:
-            - --ds-name={{ template "kured.fullname" . }}
-            - --ds-namespace={{ .Release.Namespace }}
-          {{- if .Values.configuration.annotationTtl }}
-            - --annotation-ttl={{ .Values.configuration.annotationTtl }}
-          {{- end }}
-          {{- if .Values.configuration.alertFilterRegexp }}
-            - --alert-filter-regexp={{ .Values.configuration.alertFilterRegexp | quote }}
-          {{- end }}
-          {{- range .Values.configuration.blockingPodSelector }}
-            - --blocking-pod-selector={{ . | quote }}
-          {{- end }}
-          {{- if .Values.configuration.endTime }}
-            - --end-time={{ .Values.configuration.endTime | quote }}
-          {{- end }}
-          {{- if .Values.configuration.lockAnnotation }}
-            - --lock-annotation={{ .Values.configuration.lockAnnotation | quote }}
-          {{- end }}
-          {{- if .Values.configuration.period }}
-            - --period={{ .Values.configuration.period | quote }}
-          {{- end }}
-          {{- if .Values.configuration.prometheusUrl }}
-            - --prometheus-url={{ .Values.configuration.prometheusUrl | quote }}
-          {{- end }}
-          {{- range .Values.configuration.rebootDays }}
-            - --reboot-days={{ . | quote }}
-          {{- end }}
-          {{- if .Values.configuration.rebootSentinel }}
-            - --reboot-sentinel={{ .Values.configuration.rebootSentinel | quote }}
-          {{- end }}
-          {{- if .Values.configuration.slackChannel }}
-            - --slack-channel={{ .Values.configuration.slackChannel | quote }}
-          {{- end }}
-          {{- if .Values.configuration.slackHookUrl }}
-            - --slack-hook-url={{ .Values.configuration.slackHookUrl | quote }}
-          {{- end }}
-          {{- if .Values.configuration.slackUsername }}
-            - --slack-username={{ .Values.configuration.slackUsername | quote }}
-          {{- end }}
-          {{- if .Values.configuration.startTime }}
-            - --start-time={{ .Values.configuration.startTime | quote }}
-          {{- end }}
-          {{- if .Values.configuration.timeZone }}
-            - --time-zone={{ .Values.configuration.timeZone | quote }}
-          {{- end }}
-          {{- range $key, $value := .Values.extraArgs }}
-            {{- if $value }}
-            - --{{ $key }}={{ $value }}
-            {{- else }}
-            - --{{ $key }}
-            {{- end }}
-          {{- end }}
-          ports:
-            - containerPort: 8080
-              name: metrics          
-          env:
-            # Pass in the name of the node on which this pod is scheduled
-            # for use with drain/uncordon operations and lock acquisition
-            - name: KURED_NODE_ID
-              valueFrom:
-                fieldRef:
-                  fieldPath: spec.nodeName
-      {{- with .Values.tolerations }}
-      tolerations:
-{{ toYaml . | indent 8 }}
-      {{- end }}
-      {{- with .Values.nodeSelector }}
-      nodeSelector:
-{{ toYaml . | indent 8 }}
-      {{- end }}
-      {{- with .Values.affinity }}
-      affinity:
-{{ toYaml . | indent 8 }}
-      {{- end }}
--- a/charts/kured/templates/podsecuritypolicy.yaml
+++ b/charts/kured/templates/podsecuritypolicy.yaml
@@ -1,21 +0,0 @@
-{{- if .Values.podSecurityPolicy.create}}
-apiVersion: {{ template "kured.psp.apiVersion" . }}
-kind: PodSecurityPolicy
-metadata:
-  name: {{ template "kured.fullname" . }}
-  labels:
-    {{- include "kured.labels" . | nindent 4 }}
-spec:
-  privileged: true
-  hostPID: true
-  allowedCapabilities: ['*']
-  fsGroup:
-    rule: RunAsAny
-  runAsUser:
-    rule: RunAsAny
-  seLinux:
-    rule: RunAsAny
-  supplementalGroups:
-    rule: RunAsAny
-  volumes: ['*']
-{{- end }}
--- a/charts/kured/templates/role.yaml
+++ b/charts/kured/templates/role.yaml
@@ -1,30 +0,0 @@
-{{- if .Values.rbac.create -}}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  namespace: {{ .Release.Namespace }}
-  name: {{ template "kured.fullname" . }}
-  labels:
-    {{- include "kured.labels" . | nindent 4 }}
-rules:
-  # Allow kured to lock/unlock itself
-  - apiGroups:     ["extensions"]
-    resources:     ["daemonsets"]
-    resourceNames: ["{{ template "kured.fullname" . }}"]
-    verbs:         ["update", "patch"]
-  - apiGroups:     ["apps"]
-    resources:     ["daemonsets"]
-    resourceNames: ["{{ template "kured.fullname" . }}"]
-    verbs:         ["update", "patch"]
-{{- if .Values.podSecurityPolicy.create }}
-  - apiGroups:     ["extensions"]
-    resources:     ["podsecuritypolicies"]
-    resourceNames: ["{{ template "kured.fullname" . }}"]
-    verbs:         ["use"]
-  - apiGroups:     ["policy"]
-    resources:     ["podsecuritypolicies"]
-    resourceNames: ["{{ template "kured.fullname" . }}"]
-    verbs:         ["use"]
-{{- end }}
-
-{{- end -}}
--- a/charts/kured/templates/rolebinding.yaml
+++ b/charts/kured/templates/rolebinding.yaml
@@ -1,17 +0,0 @@
-{{- if .Values.rbac.create -}}
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  namespace: {{ .Release.Namespace }}
-  name: {{ template "kured.fullname" . }}
-  labels:
-    {{- include "kured.labels" . | nindent 4 }}
-subjects:
- kind: ServiceAccount
-  namespace: {{ .Release.Namespace }}
-  name: {{ template "kured.serviceAccountName" . }}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: {{ template "kured.fullname" . }}
-{{- end -}}
--- a/charts/kured/templates/service.yaml
+++ b/charts/kured/templates/service.yaml
@@ -1,15 +0,0 @@
-{{- if .Values.metrics.create }}
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ template "kured.fullname" . }}
-  labels:
-    {{- include "kured.labels" . | nindent 4 }}
-spec:
-  type: ClusterIP
-  ports:
-    - name: metrics
-      port: 8080
-  selector:
-    {{- include "kured.labels" . | nindent 4 }}
-{{- end }}
--- a/charts/kured/templates/serviceaccount.yaml
+++ b/charts/kured/templates/serviceaccount.yaml
@@ -1,9 +0,0 @@
-{{- if .Values.serviceAccount.create -}}
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: {{ template "kured.serviceAccountName" . }}
-  namespace: {{ .Release.Namespace }}
-  labels:
-    {{- include "kured.labels" . | nindent 4 }}
-{{- end -}}
--- a/charts/kured/templates/servicemonitor.yaml
+++ b/charts/kured/templates/servicemonitor.yaml
@@ -1,31 +0,0 @@
-{{- if and .Values.metrics.create .Values.metrics.serviceMonitor.create }}
-apiVersion: monitoring.coreos.com/v1
-kind: ServiceMonitor
-metadata:
-  name: {{ template "kured.fullname" . }}
-  {{- if .Values.metrics.serviceMonitor.namespace }}
-  namespace: {{ .Values.metrics.serviceMonitor.namespace }}
-  {{- end }}
-  labels:
-    {{- include "kured.labels" . | nindent 4 }}
-    {{- if .Values.metrics.serviceMonitor.labels }}
-    {{- toYaml .Values.metrics.serviceMonitor.labels | nindent 4 }}
-    {{- end }}
-spec:
-  endpoints:
-  - interval: {{ .Values.metrics.serviceMonitor.interval }}
-    {{- if .Values.metrics.serviceMonitor.scrapeTimeout }}
-    scrapeTimeout: {{ .Values.metrics.serviceMonitor.scrapeTimeout }}
-    {{- end }}
-    honorLabels: true
-    targetPort: 8080
-    path: /metrics
-    scheme: http
-  jobLabel: "{{ .Release.Name }}"
-  selector:
-    matchLabels:
-      {{- include "kured.labels" . | nindent 4 }}
-  namespaceSelector:
-    matchNames:
-      - {{ .Release.Namespace }}
-{{- end }}
--- a/charts/kured/values.yaml
+++ b/charts/kured/values.yaml
@@ -1,58 +0,0 @@
-image:
-  repository: weaveworks/kured
-  tag: 1.4.2
-  pullPolicy: IfNotPresent
-  pullSecrets: []
-
-updateStrategy: OnDelete
-
-podAnnotations: {}
-
-extraArgs: {}
-
-configuration:
-  annotationTtl: 0          # force clean annotation after this ammount of time (default 0, disabled)
-  alertFilterRegexp: ""     # alert names to ignore when checking for active alerts
-  blockingPodSelector: []   # label selector identifying pods whose presence should prevent reboots
-  endTime: ""               # only reboot before this time of day (default "23:59")
-  lockAnnotation: ""        # annotation in which to record locking node (default "weave.works/kured-node-lock")
-  period: ""                # reboot check period (default 1h0m0s)
-  prometheusUrl: ""         # Prometheus instance to probe for active alerts
-  rebootDays: []            # only reboot on these days (default [su,mo,tu,we,th,fr,sa])
-  rebootSentinel: ""        # path to file whose existence signals need to reboot (default "/var/run/reboot-required")
-  slackChannel: ""          # slack channel for reboot notfications
-  slackHookUrl: ""          # slack hook URL for reboot notfications
-  slackUsername: ""         # slack username for reboot notfications (default "kured")
-  startTime: ""             # only reboot after this time of day (default "0:00")
-  timeZone: ""              # time-zone to use (valid zones from "time" golang package)
-
-rbac:
-  create: true
-
-serviceAccount:
-  create: true
-  name:
-
-podSecurityPolicy:
-  create: false
-
-resources: {}
-
-metrics:
-  create: false
-  serviceMonitor:
-    create: true
-    namespace: ""
-    labels: {}
-    interval: 60s
-    scrapeTimeout: ""
-
-priorityClassName: ""
-
-tolerations:
-  - key: node-role.kubernetes.io/master
-    effect: NoSchedule
-
-affinity: {}
-
-nodeSelector: {}
--- a/cmd/kured/Dockerfile
+++ b/cmd/kured/Dockerfile
@@ -1,7 +1,6 @@
-FROM alpine:3.11
-RUN apk update && apk add ca-certificates tzdata && rm -rf /var/cache/apk/*
-# NB: you may need to update RBAC permissions when upgrading kubectl - see kured-rbac.yaml for details
-ADD https://storage.googleapis.com/kubernetes-release/release/v1.17.7/bin/linux/amd64/kubectl /usr/bin/kubectl
+FROM ubuntu:16.04
+RUN apt-get update && apt-get install -y ca-certificates && rm -rf /var/cache/apt
+ADD https://storage.googleapis.com/kubernetes-release/release/v1.9.6/bin/linux/amd64/kubectl /usr/bin/kubectl
 RUN chmod 0755 /usr/bin/kubectl
 COPY ./kured /usr/bin/kured
 ENTRYPOINT ["/usr/bin/kured"]
--- a/cmd/kured/main.go
+++ b/cmd/kured/main.go
@@ -1,7 +1,6 @@
 package main

 import (
-	"fmt"
 	"math/rand"
 	"net/http"
 	"os"
@@ -21,31 +20,22 @@ import (
 	"github.com/weaveworks/kured/pkg/daemonsetlock"
 	"github.com/weaveworks/kured/pkg/delaytick"
 	"github.com/weaveworks/kured/pkg/notifications/slack"
-	"github.com/weaveworks/kured/pkg/timewindow"
 )

 var (
 	version = "unreleased"

 	// Command line flags
-	period         time.Duration
-	dsNamespace    string
-	dsName         string
-	lockAnnotation string
-	prometheusURL  string
-	alertFilter    *regexp.Regexp
-	rebootSentinel string
-	slackHookURL   string
-	slackUsername  string
-	slackChannel   string
-	podSelectors   []string
-
-	rebootDays  []string
-	rebootStart string
-	rebootEnd   string
-	timezone    string
-
-	annotationTTL time.Duration
+	period              time.Duration
+	dsNamespace         string
+	dsName              string
+	lockAnnotation      string
+	prometheusURL       string
+	alertFilter         *regexp.Regexp
+	rebootSentinel      string
+	forceRebootSentinel string
+	slackHookURL        string
+	slackUsername       string

 	// Metrics
 	rebootRequiredGauge = prometheus.NewGaugeVec(prometheus.GaugeOpts{
@@ -79,28 +69,12 @@ func main() {
 		"alert names to ignore when checking for active alerts")
 	rootCmd.PersistentFlags().StringVar(&rebootSentinel, "reboot-sentinel", "/var/run/reboot-required",
 		"path to file whose existence signals need to reboot")
-
+	rootCmd.PersistentFlags().StringVar(&forceRebootSentinel, "force-reboot-sentinel", "/var/run/force-reboot-required",
+		"path to file whose existence signals need to force reboot")
 	rootCmd.PersistentFlags().StringVar(&slackHookURL, "slack-hook-url", "",
 		"slack hook URL for reboot notfications")
 	rootCmd.PersistentFlags().StringVar(&slackUsername, "slack-username", "kured",
 		"slack username for reboot notfications")
-	rootCmd.PersistentFlags().StringVar(&slackChannel, "slack-channel", "",
-		"slack channel for reboot notfications")
-
-	rootCmd.PersistentFlags().StringArrayVar(&podSelectors, "blocking-pod-selector", nil,
-		"label selector identifying pods whose presence should prevent reboots")
-
-	rootCmd.PersistentFlags().StringSliceVar(&rebootDays, "reboot-days", timewindow.EveryDay,
-		"schedule reboot on these days")
-	rootCmd.PersistentFlags().StringVar(&rebootStart, "start-time", "0:00",
-		"schedule reboot only after this time of day")
-	rootCmd.PersistentFlags().StringVar(&rebootEnd, "end-time", "23:59:59",
-		"schedule reboot only before this time of day")
-	rootCmd.PersistentFlags().StringVar(&timezone, "time-zone", "UTC",
-		"use this timezone for schedule inputs")
-
-	rootCmd.PersistentFlags().DurationVar(&annotationTTL, "annotation-ttl", 0,
-		"force clean annotation after this ammount of time (default 0, disabled)")

 	if err := rootCmd.Execute(); err != nil {
 		log.Fatal(err)
@@ -125,27 +99,32 @@ func newCommand(name string, arg ...string) *exec.Cmd {
 }

 func sentinelExists() bool {
-	// Relies on hostPID:true and privileged:true to enter host mount space
-	sentinelCmd := newCommand("/usr/bin/nsenter", "-m/proc/1/ns/mnt", "--", "/usr/bin/test", "-f", rebootSentinel)
-	if err := sentinelCmd.Run(); err != nil {
-		switch err := err.(type) {
-		case *exec.ExitError:
-			// We assume a non-zero exit code means 'reboot not required', but of course
-			// the user could have misconfigured the sentinel command or something else
-			// went wrong during its execution. In that case, not entering a reboot loop
-			// is the right thing to do, and we are logging stdout/stderr of the command
-			// so it should be obvious what is wrong.
-			return false
-		default:
-			// Something was grossly misconfigured, such as the command path being wrong.
-			log.Fatalf("Error invoking sentinel command: %v", err)
-		}
+	_, err := os.Stat(rebootSentinel)
+	switch {
+	case err == nil:
+		return true
+	case os.IsNotExist(err):
+		return false
+	default:
+		log.Fatalf("Unable to determine existence of sentinel: %v", err)
+		return false // unreachable; prevents compilation error
+	}
+}
+func forceRebootsentinelExists() bool {
+	_, err := os.Stat(forceRebootSentinel)
+	switch {
+	case err == nil:
+		return true
+	case os.IsNotExist(err):
+		return false
+	default:
+		log.Fatalf("Unable to determine existence of force reboot sentinel: %v", err)
+		return false // unreachable; prevents compilation error
 	}
-	return true
 }

 func rebootRequired() bool {
-	if sentinelExists() {
+	if sentinelExists() || forceRebootsentinelExists() {
 		log.Infof("Reboot required")
 		return true
 	} else {
@@ -154,7 +133,11 @@ func rebootRequired() bool {
 	}
 }

-func rebootBlocked(client *kubernetes.Clientset, nodeID string) bool {
+func rebootBlocked() bool {
+	if forceRebootsentinelExists() {
+		log.Infof("Force reboot sentinel %v exists, force rebooting activated", forceRebootSentinel)
+		return false
+	}
 	if prometheusURL != "" {
 		alertNames, err := alerts.PrometheusActiveAlerts(prometheusURL, alertFilter)
 		if err != nil {
@@ -170,31 +153,6 @@ func rebootBlocked(client *kubernetes.Clientset, nodeID string) bool {
 			return true
 		}
 	}
-
-	fieldSelector := fmt.Sprintf("spec.nodeName=%s", nodeID)
-	for _, labelSelector := range podSelectors {
-		podList, err := client.CoreV1().Pods("").List(metav1.ListOptions{
-			LabelSelector: labelSelector,
-			FieldSelector: fieldSelector,
-			Limit:         10})
-		if err != nil {
-			log.Warnf("Reboot blocked: pod query error: %v", err)
-			return true
-		}
-
-		if len(podList.Items) > 0 {
-			podNames := make([]string, 0, len(podList.Items))
-			for _, pod := range podList.Items {
-				podNames = append(podNames, pod.Name)
-			}
-			if len(podList.Continue) > 0 {
-				podNames = append(podNames, "...")
-			}
-			log.Warnf("Reboot blocked: matching pods: %v", podNames)
-			return true
-		}
-	}
-
 	return false
 }

@@ -209,8 +167,8 @@ func holding(lock *daemonsetlock.DaemonSetLock, metadata interface{}) bool {
 	return holding
 }

-func acquire(lock *daemonsetlock.DaemonSetLock, metadata interface{}, TTL time.Duration) bool {
-	holding, holder, err := lock.Acquire(metadata, TTL)
+func acquire(lock *daemonsetlock.DaemonSetLock, metadata interface{}) bool {
+	holding, holder, err := lock.Acquire(metadata)
 	switch {
 	case err != nil:
 		log.Fatalf("Error acquiring lock: %v", err)
@@ -233,13 +191,6 @@ func release(lock *daemonsetlock.DaemonSetLock) {

 func drain(nodeID string) {
 	log.Infof("Draining node %s", nodeID)
-
-	if slackHookURL != "" {
-		if err := slack.NotifyDrain(slackHookURL, slackUsername, slackChannel, nodeID); err != nil {
-			log.Warnf("Error notifying slack: %v", err)
-		}
-	}
-
 	drainCmd := newCommand("/usr/bin/kubectl", "drain",
 		"--ignore-daemonsets", "--delete-local-data", "--force", nodeID)

@@ -260,13 +211,13 @@ func commandReboot(nodeID string) {
 	log.Infof("Commanding reboot")

 	if slackHookURL != "" {
-		if err := slack.NotifyReboot(slackHookURL, slackUsername, slackChannel, nodeID); err != nil {
+		if err := slack.NotifyReboot(slackHookURL, slackUsername, nodeID); err != nil {
 			log.Warnf("Error notifying slack: %v", err)
 		}
 	}

-	// Relies on hostPID:true and privileged:true to enter host mount space
-	rebootCmd := newCommand("/usr/bin/nsenter", "-m/proc/1/ns/mnt", "/bin/systemctl", "reboot")
+	// Relies on /var/run/dbus/system_bus_socket bind mount to talk to systemd
+	rebootCmd := newCommand("/bin/systemctl", "reboot")
 	if err := rebootCmd.Run(); err != nil {
 		log.Fatalf("Error invoking reboot command: %v", err)
 	}
@@ -288,7 +239,7 @@ type nodeMeta struct {
 	Unschedulable bool `json:"unschedulable"`
 }

-func rebootAsRequired(nodeID string, window *timewindow.TimeWindow, TTL time.Duration) {
+func rebootAsRequired(nodeID string) {
 	config, err := rest.InClusterConfig()
 	if err != nil {
 		log.Fatal(err)
@@ -312,14 +263,14 @@ func rebootAsRequired(nodeID string, window *timewindow.TimeWindow, TTL time.Dur
 	source := rand.NewSource(time.Now().UnixNano())
 	tick := delaytick.New(source, period)
 	for _ = range tick {
-		if window.Contains(time.Now()) && rebootRequired() && !rebootBlocked(client, nodeID) {
+		if rebootRequired() && !rebootBlocked() {
 			node, err := client.CoreV1().Nodes().Get(nodeID, metav1.GetOptions{})
 			if err != nil {
 				log.Fatal(err)
 			}
 			nodeMeta.Unschedulable = node.Spec.Unschedulable

-			if acquire(lock, &nodeMeta, TTL) {
+			if acquire(lock, &nodeMeta) {
 				if !nodeMeta.Unschedulable {
 					drain(nodeID)
 				}
@@ -341,23 +292,11 @@ func root(cmd *cobra.Command, args []string) {
 		log.Fatal("KURED_NODE_ID environment variable required")
 	}

-	window, err := timewindow.New(rebootDays, rebootStart, rebootEnd, timezone)
-	if err != nil {
-		log.Fatalf("Failed to build time window: %v", err)
-	}
-
 	log.Infof("Node ID: %s", nodeID)
 	log.Infof("Lock Annotation: %s/%s:%s", dsNamespace, dsName, lockAnnotation)
 	log.Infof("Reboot Sentinel: %s every %v", rebootSentinel, period)
-	log.Infof("Blocking Pod Selectors: %v", podSelectors)
-	log.Infof("Reboot on: %v", window)
-	if annotationTTL > 0 {
-		log.Infof("Force annotation cleanup after: %v", annotationTTL)
-	} else {
-		log.Info("Force annotation cleanup disabled.")
-	}

-	go rebootAsRequired(nodeID, window, annotationTTL)
+	go rebootAsRequired(nodeID)
 	go maintainRebootRequiredMetric(nodeID)

 	http.Handle("/metrics", promhttp.Handler())
--- a/go.mod
+++ b/go.mod
@@ -1,15 +0,0 @@
-module github.com/weaveworks/kured
-
-go 1.13
-
-require (
-	github.com/googleapis/gnostic v0.2.0 // indirect
-	github.com/inconshreveable/mousetrap v1.0.0 // indirect
-	github.com/prometheus/client_golang v0.0.0-20181230203121-fb3d5cb2ad57
-	github.com/prometheus/common v0.0.0-20181218105931-67670fe90761
-	github.com/prometheus/procfs v0.0.0-20190102135031-14fa7590c24d // indirect
-	github.com/sirupsen/logrus v1.2.0
-	github.com/spf13/cobra v0.0.0-20181127133106-d2d81d9a96e2
-	k8s.io/apimachinery v0.17.0
-	k8s.io/client-go v0.17.0
-)
--- a/go.sum
+++ b/go.sum
@@ -1,225 +0,0 @@
-cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
-cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
-cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU=
-github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI=
-github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0=
-github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA=
-github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0=
-github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0=
-github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc=
-github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbtp2fGCgRFtBroKn4Dk=
-github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
-github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ=
-github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0=
-github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE=
-github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973 h1:xJ4a3vCFaGF/jqvzLMYoU8P317H5OQ+Via4RmuPwCS0=
-github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
-github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
-github.com/davecgh/go-spew v0.0.0-20151105211317-5215b55f46b2/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
-github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
-github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM=
-github.com/elazarl/goproxy v0.0.0-20170405201442-c4fc26588b6e/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc=
-github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs=
-github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
-github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
-github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
-github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas=
-github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0=
-github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg=
-github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc=
-github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I=
-github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d h1:3PaI8p3seN09VjbTYC/QWlUZdZ1qS1zGjy7LH2Wt07I=
-github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o=
-github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
-github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
-github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
-github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.2.0 h1:P3YflyNX/ehuJFLhxviNdFxQPkGK5cDcApsge1SqnvM=
-github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.3.2 h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs=
-github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
-github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
-github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
-github.com/google/go-cmp v0.3.0 h1:crn/baboCvb5fXaQ0IJ1SGTsTVrWpDsCWC8EGETZijY=
-github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
-github.com/google/gofuzz v0.0.0-20161122191042-44d81051d367/go.mod h1:HP5RmnzzSNb993RKQDq4+1A4ia9nllfqcQFTQJedwGI=
-github.com/google/gofuzz v1.0.0 h1:A8PeW59pxE9IoFRqBp37U+mSNaQoZ46F1f0f863XSXw=
-github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
-github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
-github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg=
-github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
-github.com/googleapis/gnostic v0.2.0 h1:l6N3VoaVzTncYYW+9yOz2LJJammFZGBO13sqgEhpy9g=
-github.com/googleapis/gnostic v0.2.0/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
-github.com/gophercloud/gophercloud v0.1.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8=
-github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA=
-github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
-github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
-github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
-github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
-github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM=
-github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
-github.com/json-iterator/go v0.0.0-20180612202835-f2b4162afba3/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
-github.com/json-iterator/go v1.1.8 h1:QiWkFLKq0T7mpzwOTu6BzNDbfTE8OLrYhVKYMLF46Ok=
-github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
-github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
-github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00=
-github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
-github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk=
-github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
-github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
-github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
-github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
-github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
-github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
-github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
-github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU=
-github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
-github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
-github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
-github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
-github.com/modern-go/reflect2 v0.0.0-20180320133207-05fbef0ca5da/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
-github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
-github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI=
-github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
-github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
-github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw=
-github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
-github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
-github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
-github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
-github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
-github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=
-github.com/pmezard/go-difflib v0.0.0-20151028094244-d8ed2627bdf0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
-github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/prometheus/client_golang v0.0.0-20181230203121-fb3d5cb2ad57 h1:+cstagqzfjiYrs1QrmypZRndHJafhB9W3ab/zPiwl1Q=
-github.com/prometheus/client_golang v0.0.0-20181230203121-fb3d5cb2ad57/go.mod h1:PS8H/EtMiYNSR3o4jWYMuyp9FkDf2ptwxn1kTerl5EM=
-github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910 h1:idejC8f05m9MGOsuEi1ATq9shN03HrxNkD/luQvxCv8=
-github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
-github.com/prometheus/common v0.0.0-20181218105931-67670fe90761 h1:z6tvbDJ5OLJ48FFmnksv04a78maSTRBUIhkdHYV5Y98=
-github.com/prometheus/common v0.0.0-20181218105931-67670fe90761/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro=
-github.com/prometheus/procfs v0.0.0-20181204211112-1dc9a6cbc91a/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
-github.com/prometheus/procfs v0.0.0-20190102135031-14fa7590c24d h1:iSxvUGRUGQTUgEo5+8TqMVQoH5AdaphEIjh8AnM7TPo=
-github.com/prometheus/procfs v0.0.0-20190102135031-14fa7590c24d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
-github.com/sirupsen/logrus v1.2.0 h1:juTguoYk5qI21pwyTXY3B3Y5cOTH3ZUyZCg1v/mihuo=
-github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
-github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk=
-github.com/spf13/cobra v0.0.0-20181127133106-d2d81d9a96e2 h1:gPjqutnNhLnq5t4hT2UfL06h/mvp4je4OY7Dk71vhuk=
-github.com/spf13/cobra v0.0.0-20181127133106-d2d81d9a96e2/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
-github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
-github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
-github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
-github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/testify v0.0.0-20151208002404-e3a8ff8ce365/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
-github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
-github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
-github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
-github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
-github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
-go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU=
-golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
-golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
-golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586 h1:7KByu05hhLed2MO29w7p1XfZvZ13m8mub3shuVftRs0=
-golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
-golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
-golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
-golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
-golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20181217023233-e147a9138326/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20191004110552-13f9640d40b9 h1:rjwSpXsdiK0dV8/Naq3kAw9ymfAeJIyd0upUIElB+lI=
-golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
-golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
-golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45 h1:SVwTIAaPC2U/AvvLNZ2a7OVsmBpC8L5BlwK1whH3hm0=
-golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
-golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20181108010431-42b317875d0f h1:Bl/8QSvNqXvPGPGXa2z5xUTmV7VDcZyvRZ+QQXkXTZQ=
-golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4 h1:YUO/7uOKsKeq9UokNS62b8FYywz3ker1l1vDZRCRefw=
-golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190209173611-3b5209105503/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456 h1:ng0gs1AKnRRuEMZoTLLlbOd+C17zUDepwGQBb/n+JVg=
-golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
-golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
-golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
-golang.org/x/time v0.0.0-20181108054448-85acf8d2951c h1:fqgJT0MGcGpPgpWU7VRdRjuArfcOvC4AoJmILihzhDg=
-golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 h1:SvFZT6jyqRaOeXpc5h/JSfZenJ2O330aBsf7JfSUXmQ=
-golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
-golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
-google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
-google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
-google.golang.org/appengine v1.4.0 h1:/wp5JvzpHIxhs/dumFmF7BXTf3Z+dd4uXta4kVyO508=
-google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
-google.golang.org/appengine v1.5.0 h1:KxkO13IPW4Lslp2bz+KHP2E3gtFlrIGNThxkZQ3g+4c=
-google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
-google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
-google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
-google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
-google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
-gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
-gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
-gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
-gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
-gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
-gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I=
-gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-k8s.io/api v0.17.0 h1:H9d/lw+VkZKEVIUc8F3wgiQ+FUXTTr21M87jXLU7yqM=
-k8s.io/api v0.17.0/go.mod h1:npsyOePkeP0CPwyGfXDHxvypiYMJxBWAMpQxCaJ4ZxI=
-k8s.io/apimachinery v0.17.0 h1:xRBnuie9rXcPxUkDizUsGvPf1cnlZCFu210op7J7LJo=
-k8s.io/apimachinery v0.17.0/go.mod h1:b9qmWdKlLuU9EBh+06BtLcSf/Mu89rWL33naRxs1uZg=
-k8s.io/client-go v0.17.0 h1:8QOGvUGdqDMFrm9sD6IUFl256BcffynGoe80sxgTEDg=
-k8s.io/client-go v0.17.0/go.mod h1:TYgR6EUHs6k45hb6KWjVD6jFZvJV4gHDikv/It0xz+k=
-k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0=
-k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
-k8s.io/klog v0.3.0 h1:0VPpR+sizsiivjIfIAQH/rl8tan6jvWkS7lU+0di3lE=
-k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk=
-k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8=
-k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I=
-k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E=
-k8s.io/utils v0.0.0-20191114184206-e782cd3c129f h1:GiPwtSzdP43eI1hpPCbROQCCIgCuiMMNF8YUVLF3vJo=
-k8s.io/utils v0.0.0-20191114184206-e782cd3c129f/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew=
-sigs.k8s.io/structured-merge-diff v0.0.0-20190525122527-15d366b2352e/go.mod h1:wWxsB5ozmmv/SG7nM11ayaAW51xMvak/t1r0CSlcokI=
-sigs.k8s.io/yaml v1.1.0 h1:4A07+ZFc2wgJwo8YNlQpr1rVlgUDlxXHhPJciaPY5gs=
-sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=
--- a/kured-ds.yaml
+++ b/kured-ds.yaml
@@ -1,40 +1,32 @@
---
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: kured
-  namespace: kube-system
---
-apiVersion: apps/v1
+apiVersion: extensions/v1beta1
 kind: DaemonSet
 metadata:
  name: kured            # Must match `--ds-name`
  namespace: kube-system # Must match `--ds-namespace`
 spec:
-  selector:
-    matchLabels:
-      name: kured
-  updateStrategy:
-   type: RollingUpdate
  template:
    metadata:
      labels:
        name: kured
    spec:
-      serviceAccountName: kured
-      tolerations:
-        - key: node-role.kubernetes.io/master
-          effect: NoSchedule
-      hostPID: true # Facilitate entering the host mount namespace via init
-      restartPolicy: Always
      containers:
        - name: kured
-          image: docker.io/weaveworks/kured
-                 # If you find yourself here wondering why there is no
-                 # :latest tag on Docker Hub,see the FAQ in the README
+          image: quay.io/weaveworks/kured
          imagePullPolicy: IfNotPresent
-          securityContext:
-            privileged: true # Give permission to nsenter /proc/1/ns/mnt
+          command:
+            - /usr/bin/kured
+#          args:
+#            - --alert-filter-regexp=^RebootRequired$
+#            - --ds-name=kured
+#            - --ds-namespace=kube-system
+#            - --lock-annotation=weave.works/kured-node-lock
+#            - --period=1h
+#            - --prometheus-url=http://prometheus.monitoring.svc.cluster.local
+#            - --reboot-sentinel=/var/run/reboot-required
+#            - --slack-hook-url=https://hooks.slack.com/...
+#            - --slack-username=prod
+#
+# NO USER SERVICEABLE PARTS BEYOND THIS POINT
          env:
            # Pass in the name of the node on which this pod is scheduled
            # for use with drain/uncordon operations and lock acquisition
@@ -42,22 +34,14 @@ spec:
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName
-          command:
-            - /usr/bin/kured
-#            - --alert-filter-regexp=^RebootRequired$
-#            - --blocking-pod-selector=runtime=long,cost=expensive
-#            - --blocking-pod-selector=name=temperamental
-#            - --blocking-pod-selector=...
-#            - --ds-name=kured
-#            - --ds-namespace=kube-system
-#            - --end-time=23:59:59
-#            - --lock-annotation=weave.works/kured-node-lock
-#            - --period=1h
-#            - --prometheus-url=http://prometheus.monitoring.svc.cluster.local
-#            - --reboot-days=sun,mon,tue,wed,thu,fri,sat
-#            - --reboot-sentinel=/var/run/reboot-required
-#            - --slack-hook-url=https://hooks.slack.com/...
-#            - --slack-username=prod
-#            - --slack-channel=alerting
-#            - --start-time=0:00
-#            - --time-zone=UTC
+          volumeMounts:
+            # Needed for two purposes:
+            # * Testing for the existence of /var/run/reboot-required
+            # * Accessing /var/run/dbus/system_bus_socket to effect reboot
+            - name: hostrun
+              mountPath: /var/run
+      restartPolicy: Always
+      volumes:
+        - name: hostrun
+          hostPath:
+            path: /var/run
--- a/kured-rbac.yaml
+++ b/kured-rbac.yaml
@@ -1,63 +0,0 @@
---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: kured
-rules:
-# Allow kured to read spec.unschedulable
-# Allow kubectl to drain/uncordon
-#
-# NB: These permissions are tightly coupled to the bundled version of kubectl; the ones below
-# match https://github.com/kubernetes/kubernetes/blob/v1.17.7/staging/src/k8s.io/kubectl/pkg/cmd/drain/drain.go
-#
- apiGroups: [""]
-  resources: ["nodes"]
-  verbs:     ["get", "patch"]
- apiGroups: [""]
-  resources: ["pods"]
-  verbs:     ["list","delete","get"]
- apiGroups: ["apps"]
-  resources: ["daemonsets"]
-  verbs:     ["get"]
- apiGroups: [""]
-  resources: ["pods/eviction"]
-  verbs:     ["create"]
---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: kured
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: kured
-subjects:
- kind: ServiceAccount
-  name: kured
-  namespace: kube-system
---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: Role
-metadata:
-  namespace: kube-system
-  name: kured
-rules:
-# Allow kured to lock/unlock itself
- apiGroups:     ["apps"]
-  resources:     ["daemonsets"]
-  resourceNames: ["kured"]
-  verbs:         ["update"]
---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  namespace: kube-system
-  name: kured
-subjects:
- kind: ServiceAccount
-  namespace: kube-system
-  name: kured
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: Role
-  name: kured
--- a/pkg/alerts/prometheus.go
+++ b/pkg/alerts/prometheus.go
@@ -7,20 +7,19 @@ import (
 	"sort"
 	"time"

-	"github.com/prometheus/client_golang/api"
-	"github.com/prometheus/client_golang/api/prometheus/v1"
+	"github.com/prometheus/client_golang/api/prometheus"
 	"github.com/prometheus/common/model"
 )

 // Returns a list of names of active (e.g. pending or firing) alerts, filtered
 // by the supplied regexp.
 func PrometheusActiveAlerts(prometheusURL string, filter *regexp.Regexp) ([]string, error) {
-	client, err := api.NewClient(api.Config{Address: prometheusURL})
+	client, err := prometheus.New(prometheus.Config{Address: prometheusURL})
 	if err != nil {
 		return nil, err
 	}

-	queryAPI := v1.NewAPI(client)
+	queryAPI := prometheus.NewQueryAPI(client)

 	value, err := queryAPI.Query(context.Background(), "ALERTS", time.Now())
 	if err != nil {
--- a/pkg/daemonsetlock/daemonsetlock.go
+++ b/pkg/daemonsetlock/daemonsetlock.go
@@ -19,19 +19,17 @@ type DaemonSetLock struct {
 }

 type lockAnnotationValue struct {
-	NodeID   string        `json:"nodeID"`
-	Metadata interface{}   `json:"metadata,omitempty"`
-	Created  time.Time     `json:"created"`
-	TTL      time.Duration `json:"TTL"`
+	NodeID   string      `json:"nodeID"`
+	Metadata interface{} `json:"metadata,omitempty"`
 }

 func New(client *kubernetes.Clientset, nodeID, namespace, name, annotation string) *DaemonSetLock {
 	return &DaemonSetLock{client, nodeID, namespace, name, annotation}
 }

-func (dsl *DaemonSetLock) Acquire(metadata interface{}, TTL time.Duration) (acquired bool, owner string, err error) {
+func (dsl *DaemonSetLock) Acquire(metadata interface{}) (acquired bool, owner string, err error) {
 	for {
-		ds, err := dsl.client.AppsV1().DaemonSets(dsl.namespace).Get(dsl.name, metav1.GetOptions{})
+		ds, err := dsl.client.ExtensionsV1beta1().DaemonSets(dsl.namespace).Get(dsl.name, metav1.GetOptions{})
 		if err != nil {
 			return false, "", err
 		}
@@ -42,25 +40,20 @@ func (dsl *DaemonSetLock) Acquire(metadata interface{}, TTL time.Duration) (acqu
 			if err := json.Unmarshal([]byte(valueString), &value); err != nil {
 				return false, "", err
 			}
-
-			if ttlExpired(value.Created, value.TTL) {
-				return true, value.NodeID, nil
-			}
-
 			return value.NodeID == dsl.nodeID, value.NodeID, nil
 		}

 		if ds.ObjectMeta.Annotations == nil {
 			ds.ObjectMeta.Annotations = make(map[string]string)
 		}
-		value := lockAnnotationValue{NodeID: dsl.nodeID, Metadata: metadata, Created: time.Now().UTC(), TTL: TTL}
+		value := lockAnnotationValue{NodeID: dsl.nodeID, Metadata: metadata}
 		valueBytes, err := json.Marshal(&value)
 		if err != nil {
 			return false, "", err
 		}
 		ds.ObjectMeta.Annotations[dsl.annotation] = string(valueBytes)

-		_, err = dsl.client.AppsV1().DaemonSets(dsl.namespace).Update(ds)
+		_, err = dsl.client.ExtensionsV1beta1().DaemonSets(dsl.namespace).Update(ds)
 		if err != nil {
 			if se, ok := err.(*errors.StatusError); ok && se.ErrStatus.Reason == metav1.StatusReasonConflict {
 				// Something else updated the resource between us reading and writing - try again soon
@@ -75,7 +68,7 @@ func (dsl *DaemonSetLock) Acquire(metadata interface{}, TTL time.Duration) (acqu
 }

 func (dsl *DaemonSetLock) Test(metadata interface{}) (holding bool, err error) {
-	ds, err := dsl.client.AppsV1().DaemonSets(dsl.namespace).Get(dsl.name, metav1.GetOptions{})
+	ds, err := dsl.client.ExtensionsV1beta1().DaemonSets(dsl.namespace).Get(dsl.name, metav1.GetOptions{})
 	if err != nil {
 		return false, err
 	}
@@ -86,11 +79,6 @@ func (dsl *DaemonSetLock) Test(metadata interface{}) (holding bool, err error) {
 		if err := json.Unmarshal([]byte(valueString), &value); err != nil {
 			return false, err
 		}
-
-		if ttlExpired(value.Created, value.TTL) {
-			return true, nil
-		}
-
 		return value.NodeID == dsl.nodeID, nil
 	}

@@ -99,7 +87,7 @@ func (dsl *DaemonSetLock) Test(metadata interface{}) (holding bool, err error) {

 func (dsl *DaemonSetLock) Release() error {
 	for {
-		ds, err := dsl.client.AppsV1().DaemonSets(dsl.namespace).Get(dsl.name, metav1.GetOptions{})
+		ds, err := dsl.client.ExtensionsV1beta1().DaemonSets(dsl.namespace).Get(dsl.name, metav1.GetOptions{})
 		if err != nil {
 			return err
 		}
@@ -110,7 +98,7 @@ func (dsl *DaemonSetLock) Release() error {
 			if err := json.Unmarshal([]byte(valueString), &value); err != nil {
 				return err
 			}
-			if value.NodeID != dsl.nodeID && !ttlExpired(value.Created, value.TTL) {
+			if value.NodeID != dsl.nodeID {
 				return fmt.Errorf("Not lock holder: %v", value.NodeID)
 			}
 		} else {
@@ -119,7 +107,7 @@ func (dsl *DaemonSetLock) Release() error {

 		delete(ds.ObjectMeta.Annotations, dsl.annotation)

-		_, err = dsl.client.AppsV1().DaemonSets(dsl.namespace).Update(ds)
+		_, err = dsl.client.ExtensionsV1beta1().DaemonSets(dsl.namespace).Update(ds)
 		if err != nil {
 			if se, ok := err.(*errors.StatusError); ok && se.ErrStatus.Reason == metav1.StatusReasonConflict {
 				// Something else updated the resource between us reading and writing - try again soon
@@ -132,10 +120,3 @@ func (dsl *DaemonSetLock) Release() error {
 		return nil
 	}
 }
-
-func ttlExpired(created time.Time, ttl time.Duration) bool {
-	if ttl > 0 && time.Since(created) >= ttl {
-		return true
-	}
-	return false
-}
--- a/pkg/daemonsetlock/daemonsetlock_test.go
+++ b/pkg/daemonsetlock/daemonsetlock_test.go
@@ -1,28 +0,0 @@
-package daemonsetlock
-
-import (
-	"testing"
-	"time"
-)
-
-func TestTtlExpired(t *testing.T) {
-	d := time.Date(2020, 05, 05, 14, 15, 0, 0, time.UTC)
-	second, _ := time.ParseDuration("1s")
-	zero, _ := time.ParseDuration("0m")
-
-	tests := []struct {
-		created time.Time
-		ttl     time.Duration
-		result  bool
-	}{
-		{d, second, true},
-		{time.Now(), second, false},
-		{d, zero, false},
-	}
-
-	for i, tst := range tests {
-		if ttlExpired(tst.created, tst.ttl) != tst.result {
-			t.Errorf("Test %d failed, expected %v but got %v", i, tst.result, !tst.result)
-		}
-	}
-}
--- a/pkg/notifications/slack/slack.go
+++ b/pkg/notifications/slack/slack.go
@@ -15,14 +15,12 @@ var (
 type body struct {
 	Text     string `json:"text,omitempty"`
 	Username string `json:"username,omitempty"`
-	Channel  string `json:"channel,omitempty"`
 }

-func notify(hookURL, username, channel, message string) error {
+func NotifyReboot(hookURL, username, nodeID string) error {
 	msg := body{
-		Text:     message,
+		Text:     fmt.Sprintf("Rebooting node %s", nodeID),
 		Username: username,
-		Channel:  channel,
 	}

 	var buf bytes.Buffer
@@ -42,11 +40,3 @@ func notify(hookURL, username, channel, message string) error {

 	return nil
 }
-
-func NotifyDrain(hookURL, username, channel, nodeID string) error {
-	return notify(hookURL, username, channel, fmt.Sprintf("Draining node %s", nodeID))
-}
-
-func NotifyReboot(hookURL, username, channel, nodeID string) error {
-	return notify(hookURL, username, channel, fmt.Sprintf("Rebooting node %s", nodeID))
-}
--- a/pkg/timewindow/days.go
+++ b/pkg/timewindow/days.go
@@ -1,91 +0,0 @@
-package timewindow
-
-import (
-	"fmt"
-	"strconv"
-	"strings"
-	"time"
-)
-
-var EveryDay = []string{"su", "mo", "tu", "we", "th", "fr", "sa"}
-
-// dayStrings maps day strings to time.Weekdays
-var dayStrings = map[string]time.Weekday{
-	"su":        time.Sunday,
-	"sun":       time.Sunday,
-	"sunday":    time.Sunday,
-	"mo":        time.Monday,
-	"mon":       time.Monday,
-	"monday":    time.Monday,
-	"tu":        time.Tuesday,
-	"tue":       time.Tuesday,
-	"tuesday":   time.Tuesday,
-	"we":        time.Wednesday,
-	"wed":       time.Wednesday,
-	"wednesday": time.Wednesday,
-	"th":        time.Thursday,
-	"thu":       time.Thursday,
-	"thursday":  time.Thursday,
-	"fr":        time.Friday,
-	"fri":       time.Friday,
-	"friday":    time.Friday,
-	"sa":        time.Saturday,
-	"sat":       time.Saturday,
-	"saturday":  time.Saturday,
-}
-
-type weekdays uint32
-
-// parseWeekdays creates a set of weekdays from a string slice
-func parseWeekdays(days []string) (weekdays, error) {
-	var result uint32
-	for _, day := range days {
-		if len(day) == 0 {
-			continue
-		}
-
-		weekday, err := parseWeekday(day)
-		if err != nil {
-			return weekdays(0), err
-		}
-
-		result |= 1 << uint32(weekday)
-	}
-
-	return weekdays(result), nil
-}
-
-// Contains returns true if the specified weekday is a member of this set.
-func (w weekdays) Contains(day time.Weekday) bool {
-	return uint32(w)&(1<<uint32(day)) != 0
-}
-
-// String returns a string representation of the set of weekdays.
-func (w weekdays) String() string {
-	var b strings.Builder
-	for i := uint32(0); i < 7; i++ {
-		if uint32(w)&(1<<i) != 0 {
-			b.WriteString(time.Weekday(i).String()[0:3])
-		} else {
-			b.WriteString("---")
-		}
-	}
-
-	return b.String()
-}
-
-func parseWeekday(day string) (time.Weekday, error) {
-	if n, err := strconv.Atoi(day); err == nil {
-		if n >= 0 && n < 7 {
-			return time.Weekday(n), nil
-		} else {
-			return time.Sunday, fmt.Errorf("Invalid weekday, number out of range: %s", day)
-		}
-	}
-
-	if weekday, ok := dayStrings[strings.ToLower(day)]; ok {
-		return weekday, nil
-	} else {
-		return time.Sunday, fmt.Errorf("Invalid weekday: %s", day)
-	}
-}
--- a/pkg/timewindow/days_test.go
+++ b/pkg/timewindow/days_test.go
@@ -1,46 +0,0 @@
-package timewindow
-
-import (
-	"strings"
-	"testing"
-)
-
-func TestParseWeekdays(t *testing.T) {
-	tests := []struct {
-		input  string
-		result string
-	}{
-		{"0,4", "Sun---------Thu------"},
-		{"su,mo,tu", "SunMonTue------------"},
-		{"sunday,tu,thu", "Sun---Tue---Thu------"},
-		{"THURSDAY", "------------Thu------"},
-		{"we,WED,WeDnEsDaY", "---------Wed---------"},
-		{"", "---------------------"},
-		{",,,", "---------------------"},
-	}
-
-	for _, tst := range tests {
-		res, err := parseWeekdays(strings.Split(tst.input, ","))
-		if err != nil {
-			t.Errorf("Received error for input %s: %v", tst.input, err)
-		} else if res.String() != tst.result {
-			t.Errorf("Test %s: Expected %s got %s", tst.input, tst.result, res.String())
-		}
-	}
-}
-
-func TestParseWeekdaysErrors(t *testing.T) {
-	tests := []string{
-		"15",
-		"-8",
-		"8",
-		"mon,tue,wed,fridayyyy",
-	}
-
-	for _, tst := range tests {
-		_, err := parseWeekdays(strings.Split(tst, ","))
-		if err == nil {
-			t.Errorf("Expected to receive error for input %s", tst)
-		}
-	}
-}
--- a/pkg/timewindow/timewindow.go
+++ b/pkg/timewindow/timewindow.go
@@ -1,68 +0,0 @@
-package timewindow
-
-import (
-	"fmt"
-	"time"
-)
-
-// TimeWindow specifies a schedule of days and times.
-type TimeWindow struct {
-	days      weekdays
-	location  *time.Location
-	startTime time.Time
-	endTime   time.Time
-}
-
-// New creates a TimeWindow instance based on string inputs specifying a schedule.
-func New(days []string, startTime, endTime, location string) (*TimeWindow, error) {
-	tw := &TimeWindow{}
-
-	var err error
-	if tw.days, err = parseWeekdays(days); err != nil {
-		return nil, err
-	}
-
-	if tw.location, err = time.LoadLocation(location); err != nil {
-		return nil, err
-	}
-
-	if tw.startTime, err = parseTime(startTime, tw.location); err != nil {
-		return nil, err
-	}
-
-	if tw.endTime, err = parseTime(endTime, tw.location); err != nil {
-		return nil, err
-	}
-
-	return tw, nil
-}
-
-// Contains determines whether the specified time is within this time window.
-func (tw *TimeWindow) Contains(t time.Time) bool {
-	loctime := t.In(tw.location)
-	if !tw.days.Contains(loctime.Weekday()) {
-		return false
-	}
-
-	start := time.Date(loctime.Year(), loctime.Month(), loctime.Day(), tw.startTime.Hour(), tw.startTime.Minute(), tw.startTime.Second(), 0, tw.location)
-	end := time.Date(loctime.Year(), loctime.Month(), loctime.Day(), tw.endTime.Hour(), tw.endTime.Minute(), tw.endTime.Second(), 1e9-1, tw.location)
-
-	return (loctime.After(start) || loctime.Equal(start)) && (loctime.Before(end) || loctime.Equal(end))
-}
-
-// String returns a string representation of this time window.
-func (tw *TimeWindow) String() string {
-	return fmt.Sprintf("%s between %02d:%02d and %02d:%02d %s", tw.days.String(), tw.startTime.Hour(), tw.startTime.Minute(), tw.endTime.Hour(), tw.endTime.Minute(), tw.location.String())
-}
-
-// parseTime tries to parse a time with several formats.
-func parseTime(s string, loc *time.Location) (time.Time, error) {
-	fmts := []string{"15:04", "15:04:05", "03:04pm", "15", "03pm", "3pm"}
-	for _, f := range fmts {
-		if t, err := time.ParseInLocation(f, s, loc); err == nil {
-			return t, nil
-		}
-	}
-
-	return time.Now(), fmt.Errorf("Invalid time format: %s", s)
-}
--- a/pkg/timewindow/timewindow_test.go
+++ b/pkg/timewindow/timewindow_test.go
@@ -1,60 +0,0 @@
-package timewindow
-
-import (
-	"strings"
-	"testing"
-	"time"
-)
-
-func TestTimeWindows(t *testing.T) {
-	type testcase struct {
-		time   string
-		result bool
-	}
-
-	tests := []struct {
-		days  string
-		start string
-		end   string
-		loc   string
-		cases []testcase
-	}{
-		{"mon,tue,wed,thu,fri", "9am", "5pm", "America/Los_Angeles", []testcase{
-			{"2019/04/04 00:49 PDT", false},
-			{"2019/04/05 08:59 PDT", false},
-			{"2019/04/05 9:01 PDT", true},
-			{"2019/03/31 10:00 PDT", false},
-			{"2019/04/04 12:00 PDT", true},
-			{"2019/04/04 11:59 UTC", false},
-		}},
-		{"mon,we,fri", "10:01", "11:30am", "America/Los_Angeles", []testcase{
-			{"2019/04/05 10:30 PDT", true},
-			{"2019/04/06 10:30 PDT", false},
-			{"2019/04/07 10:30 PDT", false},
-			{"2019/04/08 10:30 PDT", true},
-			{"2019/04/09 10:30 PDT", false},
-			{"2019/04/10 10:30 PDT", true},
-			{"2019/04/11 10:30 PDT", false},
-		}},
-		{"mo,tu,we,th,fr", "00:00", "23:59:59", "UTC", []testcase{
-			{"2019/04/18 00:00 UTC", true},
-			{"2019/04/18 23:59 UTC", true},
-		}},
-	}
-
-	for i, tst := range tests {
-		tw, err := New(strings.Split(tst.days, ","), tst.start, tst.end, tst.loc)
-		if err != nil {
-			t.Errorf("Test [%d] failed to create TimeWindow: %v", i, err)
-		}
-
-		for _, cas := range tst.cases {
-			tm, err := time.ParseInLocation("2006/01/02 15:04 MST", cas.time, tw.location)
-			if err != nil {
-				t.Errorf("Failed to parse time \"%s\": %v", cas.time, err)
-			} else if cas.result != tw.Contains(tm) {
-				t.Errorf("(%s) contains (%s) didn't match expected result of %v", tw.String(), cas.time, cas.result)
-			}
-		}
-	}
-}
Author	SHA1	Message	Date
Frank Vissing	6a4dcc8fb3	reboot if forceRebootSentinel exists	2018-06-01 13:29:49 +02:00
Frank Vissing	989594acbf	Update main.go fix spelling	2018-05-15 14:19:08 +02:00
Frank Vissing	1b5565cbae	adding option to force reboot, ignoring active allerts	2018-05-15 12:40:54 +02:00