Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

prevent pods/status from touching ownerreferences #45826

Merged
merged 1 commit into from
May 15, 2017
Merged

prevent pods/status from touching ownerreferences #45826

merged 1 commit into from
May 15, 2017

Conversation

deads2k
Copy link
Contributor

@deads2k deads2k commented May 15, 2017
edited by derekwaynecarr
Loading

pods/status updates touching ownerreferences causes new fields to be dropped.

I think we really want to protect our metatdata by default with something like #45552 . This fixes the immediate problem.

prevent pods/status from touching ownerreferences

@derekwaynecarr @eparis

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label May 15, 2017
@deads2k deads2k mentioned this pull request May 15, 2017
Merged
@k8s-github-robot k8s-github-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. release-note-label-needed labels May 15, 2017
@derekwaynecarr derekwaynecarr self-assigned this May 15, 2017
smarterclayton
smarterclayton reviewed May 15, 2017
View reviewed changes
pkg/registry/core/pod/strategy.go

// don't allow the pods/status endpoint to touch owner references since old kubelets corrupt them in a way
// that breaks garbage collection
newPod.OwnerReferences = oldPod.OwnerReferences
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Probably should guard this by "if terminating".

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Probably should guard this by "if terminating".

I think this is a general statement. pods/status probably shouldn't be updating ownerrefs under any circumstances

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i worry the terminating guard may cause other side effects. i prefer to keep it as-is.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we need to keep this as-is. guarding on termination is insufficient. the older kubelets hit status update failures independent of the pod deletion problem when paired with this plug-in.

@derekwaynecarr
Copy link
Member

i thought strategies are run after admission control checks unless it was changed.

@deads2k
Copy link
Contributor Author

deads2k commented May 15, 2017

i thought strategies are run after admission control checks unless it was changed.

this is the spot to fix the data regardless of what admission chain is running.

@derekwaynecarr derekwaynecarr added release-note Denotes a PR that will be considered when it comes time to generate release notes. and removed release-note-label-needed labels May 15, 2017
@derekwaynecarr derekwaynecarr added this to the v1.6 milestone May 15, 2017
@derekwaynecarr
Copy link
Member

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label May 15, 2017
@k8s-github-robot
Copy link

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: deads2k, derekwaynecarr

Needs approval from an approver in each of these OWNERS Files:

You can indicate your approval by writing /approve in a comment
You can cancel your approval by writing /approve cancel in a comment

@k8s-github-robot
Copy link

Automatic merge from submit-queue (batch tested with PRs 45826, 45747, 45548, 45606, 41766)

@k8s-github-robot k8s-github-robot merged commit e9a98cb into kubernetes:master May 15, 2017
@deads2k deads2k deleted the api-11-ownerreferences branch August 3, 2017 20:09
@k8s-cherrypick-bot
Copy link

Commit found in the "release-1.6" branch appears to be this PR. Removing the "cherrypick-candidate" label. If this is an error find help to get your PR picked.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@derekwaynecarr derekwaynecarr derekwaynecarr left review comments

@smarterclayton smarterclayton smarterclayton left review comments

Assignees

@caesarxuchao caesarxuchao

@derekwaynecarr derekwaynecarr

@wojtek-t wojtek-t

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
v1.6
Development

Successfully merging this pull request may close these issues.
8 participants
@deads2k @derekwaynecarr @k8s-github-robot @k8s-cherrypick-bot @smarterclayton @caesarxuchao @wojtek-t @k8s-ci-robot