A pod that cannot be started yet (due to static pod fullname
exclusion when UIDs are reused) must be accounted for in the
pod worker since it is considered to have been admitted and will
eventually start.
Due to a bug we accidentally cleared pendingUpdate for pods that
cannot start yet which means we can't report the right metric to
users in kubelet_working_pods and in theory we might fail to start
the pod in the future (although we currently have not observed
that in tests that should catch such an error). Describe, implement,
and test the invariant that when startPodSync returns in every path
that either activeUpdate OR pendingUpdate is set on the status, but
never both, and is only nil when the pod can never start.
This bug was detected by a "programmer error" assertion we added
on metrics that were not being reported, suggesting that we should
be more aggressive on using log assertions and automating detection
in tests.
Prior to this change, we wait until the DEK is used to perform an
encryption before validating the response. This means that the
plugin could report healthy but all TransformToStorage calls would
fail. Now we correctly cause the plugin to become unhealthy and do
not attempt to use the newly generated DEK.
Signed-off-by: Monis Khan <mok@microsoft.com>
Prior to this change, we wait until the DEK is used to perform an
encryption before validating the response. This means that the
plugin could report healthy but all TransformToStorage calls would
fail. Now we correctly cause the plugin to become unhealthy and do
not attempt to use the newly generated DEK.
Signed-off-by: Monis Khan <mok@microsoft.com>
this check needs to go after any mutations. After the mutating admission chain, rest.BeforeUpdate (which is responsible for reverting updates to immutable timestamp fields, among other things.) is called in the store.Update function. Without moving this check, it will be possible for an object to be written to etcd with only a change to its managed fields timestamp.
`findAndRemoveDeletedPods()` processes only pods from volume_manager cache: `dswp.desiredStateOfWorld.GetVolumesToMount()`. `podWorker` calls volume_manager `WaitForUnmount()` asynchronously. If it happens after populator cleaned up resources, an entry is added to `processedPods` and will never be seen. Let's cleanup such entries if they don't have a pod and marked for deletion.
