diff --git a/api/openapi-spec/swagger.json b/api/openapi-spec/swagger.json index 4a4ae07f13f..b42c340ab3f 100644 --- a/api/openapi-spec/swagger.json +++ b/api/openapi-spec/swagger.json @@ -9778,7 +9778,7 @@ "x-kubernetes-patch-strategy": "merge" }, "containerStatuses": { - "description": "The list has one entry per container in the manifest. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + "description": "Statuses of containers in this pod. Each container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", "items": { "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStatus" }, @@ -9786,7 +9786,7 @@ "x-kubernetes-list-type": "atomic" }, "ephemeralContainerStatuses": { - "description": "Status for any ephemeral containers that have run in this pod.", + "description": "Statuses for any ephemeral containers that have run in this pod. Each ephemeral container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", "items": { "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStatus" }, @@ -9808,7 +9808,7 @@ "x-kubernetes-patch-strategy": "merge" }, "initContainerStatuses": { - "description": "The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + "description": "Statuses of init containers in this pod. The most recent successful non-restartable init container will have ready = true, the most recently started container will have startTime set. Each init container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-and-container-status", "items": { "$ref": "#/definitions/io.k8s.api.core.v1.ContainerStatus" }, diff --git a/api/openapi-spec/v3/api__v1_openapi.json b/api/openapi-spec/v3/api__v1_openapi.json index 4fcb8da68a7..2bd8ae42067 100644 --- a/api/openapi-spec/v3/api__v1_openapi.json +++ b/api/openapi-spec/v3/api__v1_openapi.json @@ -5811,7 +5811,7 @@ "x-kubernetes-patch-strategy": "merge" }, "containerStatuses": { - "description": "The list has one entry per container in the manifest. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + "description": "Statuses of containers in this pod. Each container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", "items": { "allOf": [ { @@ -5824,7 +5824,7 @@ "x-kubernetes-list-type": "atomic" }, "ephemeralContainerStatuses": { - "description": "Status for any ephemeral containers that have run in this pod.", + "description": "Statuses for any ephemeral containers that have run in this pod. Each ephemeral container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", "items": { "allOf": [ { @@ -5856,7 +5856,7 @@ "x-kubernetes-patch-strategy": "merge" }, "initContainerStatuses": { - "description": "The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + "description": "Statuses of init containers in this pod. The most recent successful non-restartable init container will have ready = true, the most recently started container will have startTime set. Each init container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-and-container-status", "items": { "allOf": [ { diff --git a/pkg/apis/core/types.go b/pkg/apis/core/types.go index b624561c0d9..e44aee7dadf 100644 --- a/pkg/apis/core/types.go +++ b/pkg/apis/core/types.go @@ -4148,16 +4148,37 @@ type PodStatus struct { // +optional QOSClass PodQOSClass - // The list has one entry per init container in the manifest. The most recent successful + // Statuses of init containers in this pod. The most recent successful non-restartable // init container will have ready = true, the most recently started container will have // startTime set. + // Each init container in the pod should have at most one status in this list, + // and all statuses should be for containers in the pod. + // However this is not enforced. + // If a status for a non-existent container is present in the list, or the list has duplicate names, + // the behavior of various Kubernetes components is not defined and those statuses might be + // ignored. // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-and-container-status InitContainerStatuses []ContainerStatus - // The list has one entry per app container in the manifest. + + // Statuses of containers in this pod. + // Each container in the pod should have at most one status in this list, + // and all statuses should be for containers in the pod. + // However this is not enforced. + // If a status for a non-existent container is present in the list, or the list has duplicate names, + // the behavior of various Kubernetes components is not defined and those statuses might be + // ignored. + // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status // +optional ContainerStatuses []ContainerStatus - // Status for any ephemeral containers that have run in this pod. + // Statuses for any ephemeral containers that have run in this pod. + // Each ephemeral container in the pod should have at most one status in this list, + // and all statuses should be for containers in the pod. + // However this is not enforced. + // If a status for a non-existent container is present in the list, or the list has duplicate names, + // the behavior of various Kubernetes components is not defined and those statuses might be + // ignored. + // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status // +optional EphemeralContainerStatuses []ContainerStatus diff --git a/pkg/apis/core/validation/validation.go b/pkg/apis/core/validation/validation.go index ce43a87da2d..fa0d6e731cc 100644 --- a/pkg/apis/core/validation/validation.go +++ b/pkg/apis/core/validation/validation.go @@ -5370,6 +5370,10 @@ func ValidatePodStatusUpdate(newPod, oldPod *core.Pod, opts PodValidationOptions // Pod QoS is immutable allErrs = append(allErrs, ValidateImmutableField(newPod.Status.QOSClass, oldPod.Status.QOSClass, fldPath.Child("qosClass"))...) + // Note: there is no check that ContainerStatuses, InitContainerStatuses, and EphemeralContainerStatuses doesn't have duplicate conatainer names + // or statuses of containers that are not defined in the pod spec. Changing this may lead to a breaking changes. So consumers of those fields + // must account for unexpected data. Kubelet will never report statuses like this. + // // If pod should not restart, make sure the status update does not transition // any terminated containers to a non-terminated state. allErrs = append(allErrs, ValidateContainerStateTransition(newPod.Status.ContainerStatuses, oldPod.Status.ContainerStatuses, fldPath.Child("containerStatuses"), oldPod.Spec.RestartPolicy)...) diff --git a/pkg/generated/openapi/zz_generated.openapi.go b/pkg/generated/openapi/zz_generated.openapi.go index d49e1c9f1b5..98525ef5496 100644 --- a/pkg/generated/openapi/zz_generated.openapi.go +++ b/pkg/generated/openapi/zz_generated.openapi.go @@ -28718,7 +28718,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, SchemaProps: spec.SchemaProps{ - Description: "The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + Description: "Statuses of init containers in this pod. The most recent successful non-restartable init container will have ready = true, the most recently started container will have startTime set. Each init container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -28737,7 +28737,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, SchemaProps: spec.SchemaProps{ - Description: "The list has one entry per container in the manifest. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + Description: "Statuses of containers in this pod. Each container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ @@ -28764,7 +28764,7 @@ func schema_k8sio_api_core_v1_PodStatus(ref common.ReferenceCallback) common.Ope }, }, SchemaProps: spec.SchemaProps{ - Description: "Status for any ephemeral containers that have run in this pod.", + Description: "Statuses for any ephemeral containers that have run in this pod. Each ephemeral container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", Type: []string{"array"}, Items: &spec.SchemaOrArray{ Schema: &spec.Schema{ diff --git a/pkg/kubelet/types/types.go b/pkg/kubelet/types/types.go index 8e2499121e6..1cc6ceaef09 100644 --- a/pkg/kubelet/types/types.go +++ b/pkg/kubelet/types/types.go @@ -72,7 +72,8 @@ func (s SortedContainerStatuses) Less(i, j int) bool { } // SortInitContainerStatuses ensures that statuses are in the order that their -// init container appears in the pod spec +// init container appears in the pod spec. The function assumes there are no +// duplicate names in the statuses. func SortInitContainerStatuses(p *v1.Pod, statuses []v1.ContainerStatus) { containers := p.Spec.InitContainers current := 0 diff --git a/staging/src/k8s.io/api/core/v1/generated.proto b/staging/src/k8s.io/api/core/v1/generated.proto index b3f3ffbda11..83db89531ac 100644 --- a/staging/src/k8s.io/api/core/v1/generated.proto +++ b/staging/src/k8s.io/api/core/v1/generated.proto @@ -4513,14 +4513,26 @@ message PodStatus { // +optional optional .k8s.io.apimachinery.pkg.apis.meta.v1.Time startTime = 7; - // The list has one entry per init container in the manifest. The most recent successful + // Statuses of init containers in this pod. The most recent successful non-restartable // init container will have ready = true, the most recently started container will have // startTime set. - // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status + // Each init container in the pod should have at most one status in this list, + // and all statuses should be for containers in the pod. + // However this is not enforced. + // If a status for a non-existent container is present in the list, or the list has duplicate names, + // the behavior of various Kubernetes components is not defined and those statuses might be + // ignored. + // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-and-container-status // +listType=atomic repeated ContainerStatus initContainerStatuses = 10; - // The list has one entry per container in the manifest. + // Statuses of containers in this pod. + // Each container in the pod should have at most one status in this list, + // and all statuses should be for containers in the pod. + // However this is not enforced. + // If a status for a non-existent container is present in the list, or the list has duplicate names, + // the behavior of various Kubernetes components is not defined and those statuses might be + // ignored. // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status // +optional // +listType=atomic @@ -4532,7 +4544,14 @@ message PodStatus { // +optional optional string qosClass = 9; - // Status for any ephemeral containers that have run in this pod. + // Statuses for any ephemeral containers that have run in this pod. + // Each ephemeral container in the pod should have at most one status in this list, + // and all statuses should be for containers in the pod. + // However this is not enforced. + // If a status for a non-existent container is present in the list, or the list has duplicate names, + // the behavior of various Kubernetes components is not defined and those statuses might be + // ignored. + // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status // +optional // +listType=atomic repeated ContainerStatus ephemeralContainerStatuses = 13; diff --git a/staging/src/k8s.io/api/core/v1/types.go b/staging/src/k8s.io/api/core/v1/types.go index 9f1c3ec6035..c661c52ad6b 100644 --- a/staging/src/k8s.io/api/core/v1/types.go +++ b/staging/src/k8s.io/api/core/v1/types.go @@ -4851,24 +4851,45 @@ type PodStatus struct { // +optional StartTime *metav1.Time `json:"startTime,omitempty" protobuf:"bytes,7,opt,name=startTime"` - // The list has one entry per init container in the manifest. The most recent successful + // Statuses of init containers in this pod. The most recent successful non-restartable // init container will have ready = true, the most recently started container will have // startTime set. - // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status + // Each init container in the pod should have at most one status in this list, + // and all statuses should be for containers in the pod. + // However this is not enforced. + // If a status for a non-existent container is present in the list, or the list has duplicate names, + // the behavior of various Kubernetes components is not defined and those statuses might be + // ignored. + // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-and-container-status // +listType=atomic InitContainerStatuses []ContainerStatus `json:"initContainerStatuses,omitempty" protobuf:"bytes,10,rep,name=initContainerStatuses"` - // The list has one entry per container in the manifest. + // Statuses of containers in this pod. + // Each container in the pod should have at most one status in this list, + // and all statuses should be for containers in the pod. + // However this is not enforced. + // If a status for a non-existent container is present in the list, or the list has duplicate names, + // the behavior of various Kubernetes components is not defined and those statuses might be + // ignored. // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status // +optional // +listType=atomic ContainerStatuses []ContainerStatus `json:"containerStatuses,omitempty" protobuf:"bytes,8,rep,name=containerStatuses"` + // The Quality of Service (QOS) classification assigned to the pod based on resource requirements // See PodQOSClass type for available QOS classes // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-qos/#quality-of-service-classes // +optional QOSClass PodQOSClass `json:"qosClass,omitempty" protobuf:"bytes,9,rep,name=qosClass"` - // Status for any ephemeral containers that have run in this pod. + + // Statuses for any ephemeral containers that have run in this pod. + // Each ephemeral container in the pod should have at most one status in this list, + // and all statuses should be for containers in the pod. + // However this is not enforced. + // If a status for a non-existent container is present in the list, or the list has duplicate names, + // the behavior of various Kubernetes components is not defined and those statuses might be + // ignored. + // More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status // +optional // +listType=atomic EphemeralContainerStatuses []ContainerStatus `json:"ephemeralContainerStatuses,omitempty" protobuf:"bytes,13,rep,name=ephemeralContainerStatuses"` diff --git a/staging/src/k8s.io/api/core/v1/types_swagger_doc_generated.go b/staging/src/k8s.io/api/core/v1/types_swagger_doc_generated.go index 5aa15255db7..cc473a90fac 100644 --- a/staging/src/k8s.io/api/core/v1/types_swagger_doc_generated.go +++ b/staging/src/k8s.io/api/core/v1/types_swagger_doc_generated.go @@ -1847,10 +1847,10 @@ var map_PodStatus = map[string]string{ "podIP": "podIP address allocated to the pod. Routable at least within the cluster. Empty if not yet allocated.", "podIPs": "podIPs holds the IP addresses allocated to the pod. If this field is specified, the 0th entry must match the podIP field. Pods may be allocated at most 1 value for each of IPv4 and IPv6. This list is empty if no IPs have been allocated yet.", "startTime": "RFC 3339 date and time at which the object was acknowledged by the Kubelet. This is before the Kubelet pulled the container image(s) for the pod.", - "initContainerStatuses": "The list has one entry per init container in the manifest. The most recent successful init container will have ready = true, the most recently started container will have startTime set. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", - "containerStatuses": "The list has one entry per container in the manifest. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", + "initContainerStatuses": "Statuses of init containers in this pod. The most recent successful non-restartable init container will have ready = true, the most recently started container will have startTime set. Each init container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#pod-and-container-status", + "containerStatuses": "Statuses of containers in this pod. Each container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", "qosClass": "The Quality of Service (QOS) classification assigned to the pod based on resource requirements See PodQOSClass type for available QOS classes More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-qos/#quality-of-service-classes", - "ephemeralContainerStatuses": "Status for any ephemeral containers that have run in this pod.", + "ephemeralContainerStatuses": "Statuses for any ephemeral containers that have run in this pod. Each ephemeral container in the pod should have at most one status in this list, and all statuses should be for containers in the pod. However this is not enforced. If a status for a non-existent container is present in the list, or the list has duplicate names, the behavior of various Kubernetes components is not defined and those statuses might be ignored. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-and-container-status", "resize": "Status of resources resize desired for pod's containers. It is empty if no resources resize is pending. Any changes to container resources will automatically set this to \"Proposed\"", "resourceClaimStatuses": "Status of resource claims.", }