Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add mesh preStop lifecycle hooks to transient CDI pods #3162

Closed
wants to merge 2 commits into from
Closed

Add mesh preStop lifecycle hooks to transient CDI pods #3162

wants to merge 2 commits into from

Conversation

bc185174
Copy link
Contributor

@bc185174 bc185174 commented Apr 3, 2024
edited
Loading

What this PR does / why we need it:

If the annotation sidecar.istio.io/inject (istio) or linkerd.io/inject (linkerd) is present on CDI's transient pods (not owned by ReplicaSet i.e. k8s jobs), a lifecycle prestop hook is added to those containers to ensure the sidecar proxies are shutdown.

Linkerd: https://linkerd.io/2.15/tasks/graceful-shutdown/#graceful-shutdown-of-job-and-cronjob-resources
Istio: https://discuss.istio.io/t/best-practices-for-jobs/4968

Transient pods with the lifecycle hook change:

  • Prep claim pod.
  • Size detection pod.
  • Importer pod.
  • Clone source pod.
  • Upload pod.

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #3012

Special notes for your reviewer:

Release note:

CDI pods which are short-lived and not owned by a ReplicaSet are configured with a preStop lifecycle hook to kill service mesh side car containers on shutdown. Pods included:

- Prep claim pod.
- Size detection pod.
- Importer pod.
- Clone source pod.
- Upload pod.

This allows users to mesh these pods, either adding the annotation `linkerd.io/inject` for linkerd or `sidecar.istio.io/inject` for istio.

@kubevirt-bot kubevirt-bot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. release-note Denotes a PR that will be considered when it comes time to generate release notes. dco-signoff: no Indicates the PR's author has not DCO signed all their commits. labels Apr 3, 2024
@kubevirt-bot
Copy link
Contributor

Hi @bc185174. Thanks for your PR.

PRs from untrusted users cannot be marked as trusted with /ok-to-test in this repo meaning untrusted PR authors can never trigger tests themselves. Collaborators can still trigger tests on the PR using /test all.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@kubevirt-bot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign mhenriks for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@bc185174 bc185174 force-pushed the add-prestop-hook-for-meshed-pods branch from 4d49377 to bf467d8 Compare April 3, 2024 14:16
@kubevirt-bot kubevirt-bot added dco-signoff: yes Indicates the PR's author has DCO signed all their commits. and removed dco-signoff: no Indicates the PR's author has not DCO signed all their commits. labels Apr 3, 2024
@mhenriks
Copy link
Member

mhenriks commented Apr 3, 2024

/ok-to-test

@akalenyu
Copy link
Collaborator

akalenyu commented Apr 4, 2024

/ok-to-test

Apparently, it's been disabled for a while now
kubevirt/project-infra#3243
/test all

@bc185174 would you consider using the builder until we converge on #3158?

@kubevirt-bot
Copy link
Contributor

@bc185174: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
pull-cdi-linter bf467d8 link false /test pull-cdi-linter
pull-cdi-verify-go-mod bf467d8 link false /test pull-cdi-verify-go-mod
pull-cdi-generate-verify bf467d8 link false /test pull-cdi-generate-verify
pull-containerized-data-importer-e2e-nfs bf467d8 link true /test pull-containerized-data-importer-e2e-nfs
pull-containerized-data-importer-e2e-hpp-latest bf467d8 link true /test pull-containerized-data-importer-e2e-hpp-latest
pull-containerized-data-importer-e2e-ceph bf467d8 link true /test pull-containerized-data-importer-e2e-ceph
pull-containerized-data-importer-e2e-istio bf467d8 link true /test pull-containerized-data-importer-e2e-istio
pull-containerized-data-importer-e2e-hpp-previous bf467d8 link true /test pull-containerized-data-importer-e2e-hpp-previous
pull-containerized-data-importer-e2e-upg bf467d8 link true /test pull-containerized-data-importer-e2e-upg
pull-containerized-data-importer-e2e-destructive bf467d8 link true /test pull-containerized-data-importer-e2e-destructive
pull-containerized-data-importer-non-csi-hpp bf467d8 link true /test pull-containerized-data-importer-non-csi-hpp
pull-containerized-data-importer-e2e-ceph-wffc bf467d8 link true /test pull-containerized-data-importer-e2e-ceph-wffc

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@bc185174 bc185174 force-pushed the add-prestop-hook-for-meshed-pods branch from bf467d8 to b1b20ee Compare April 9, 2024 14:35
@bc185174
Copy link
Contributor Author

bc185174 commented Apr 9, 2024

/ok-to-test

Apparently, it's been disabled for a while now kubevirt/project-infra#3243 /test all

@bc185174 would you consider using the builder until we converge on #3158?

Yeah of course thats fine - just looking at why the BUILD.bazel producing a diff.

@bc185174
Copy link
Contributor Author

Closing for now until figure out another solution.

#3012 (comment)

@bc185174 bc185174 closed this Apr 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mhenriks mhenriks mhenriks left review comments

@arnongilboa arnongilboa Awaiting requested review from arnongilboa

@ShellyKa13 ShellyKa13 Awaiting requested review from ShellyKa13

Assignees
No one assigned
Labels
dco-signoff: yes Indicates the PR's author has DCO signed all their commits. do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/L
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Custom lifecycle hooks configured via CDIConfig
4 participants
@bc185174 @kubevirt-bot @mhenriks @akalenyu