Production-Grade Container Scheduling and Management
Kubernetes Submit Queue 4796c7b409 Merge pull request #40727 from Random-Liu/handle-cri-in-place-upgrade
Automatic merge from submit-queue

CRI: Handle cri in-place upgrade

Fixes https://github.com/kubernetes/kubernetes/issues/40051.

## How does this PR restart/remove legacy containers/sandboxes?
With this PR, dockershim will convert and return legacy containers and infra containers as regular containers/sandboxes. Then we can rely on the SyncPod logic to stop the legacy containers/sandboxes, and the garbage collector to remove the legacy containers/sandboxes.

To forcibly trigger restart:
* For infra containers, we manually set `hostNetwork` to the opposite value to trigger a restart (see [here](https://github.com/kubernetes/kubernetes/blob/master/pkg/kubelet/kuberuntime/kuberuntime_manager.go#L389))
* For application containers, they will be restarted with the infra container.

## How does this PR avoid extra overhead when there is no legacy container/sandbox?
For the lack of some labels, listing legacy containers needs an extra `docker ps`. We should not introduce a constant performance regression for legacy container cleanup. So we added the `legacyCleanupFlag`:
* In `ListContainers` and `ListPodSandbox`, only do extra `ListLegacyContainers` and `ListLegacyPodSandbox` when `legacyCleanupFlag` is `NotDone`.
* When dockershim starts, it will check whether there are legacy containers/sandboxes.
  * If there are none, it will mark `legacyCleanupFlag` as `Done`.
  * If there are any, it will leave `legacyCleanupFlag` as `NotDone`, and start a goroutine to periodically check whether legacy cleanup is done.

This makes sure that there is overhead only when there are legacy containers/sandboxes not cleaned up yet.

## Caveats
* In-place upgrade will cause kubelet to restart all running containers.
* RestartNever container will not be restarted.
* The garbage collector sometimes keeps the legacy containers for a long time if there aren't too many containers on the node. In that case, dockershim will keep performing extra `docker ps` which introduces overhead.
  * Manually removing all legacy containers will fix this.
  * Should we garbage collect legacy containers/sandboxes in dockershim by ourselves? /cc @yujuhong 
* Host port will not be reclaimed for the lack of checkpoint for legacy sandboxes. https://github.com/kubernetes/kubernetes/pull/39903 /cc @freehan 

/cc @yujuhong @feiskyer @dchen1107 @kubernetes/sig-node-api-reviews

**Release note**:

```release-note
We should mention the caveats of in-place upgrade in release note.
```
2017-02-03 22:17:56 -08:00
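
The `legacyCleanupFlag` gating described in the commit message above, as an added Go example that is not code from the PR or from dockershim. `legacyCleanupFlag`, `NotDone`, `Done` and `ListContainers` are names from the page; the `shim` type, its fields, `listLegacy` and `checkLegacyCleanup` are hypothetical, and the periodic goroutine is represented by calling `checkLegacyCleanup` directly.

```go
package main

import (
	"fmt"
	"sync/atomic"
)

// NotDone and Done are the flag values named in the PR description.
const (
	NotDone int32 = iota
	Done
)

// shim is a hypothetical stand-in for dockershim's state.
type shim struct {
	legacyCleanupFlag int32    // read on every list call, so accessed atomically
	labeled, legacy   []string // constructed container names
	extraLists        int      // extra "docker ps"-style calls made so far
}

// listLegacy models the extra listing needed for containers lacking labels.
func (s *shim) listLegacy() []string {
	s.extraLists++
	return append([]string(nil), s.legacy...)
}

// checkLegacyCleanup is one tick of the periodic check (the startup check too).
func (s *shim) checkLegacyCleanup() bool {
	if len(s.listLegacy()) == 0 {
		atomic.StoreInt32(&s.legacyCleanupFlag, Done)
	}
	return atomic.LoadInt32(&s.legacyCleanupFlag) == Done
}

// ListContainers pays for the legacy listing only while the flag is NotDone.
func (s *shim) ListContainers() []string {
	out := append([]string(nil), s.labeled...)
	if atomic.LoadInt32(&s.legacyCleanupFlag) == NotDone {
		out = append(out, s.listLegacy()...)
	}
	return out
}

func main() {
	s := &shim{labeled: []string{"app-1"}, legacy: []string{"legacy-infra"}}
	fmt.Println(s.checkLegacyCleanup(), s.ListContainers()) // startup: legacy present
	s.legacy = nil // stand-in for the garbage collector removing it
	fmt.Println(s.checkLegacyCleanup(), s.ListContainers(), s.extraLists)
}
```

Once the flag reaches `Done`, further `ListContainers` calls leave `extraLists` unchanged, which is the overhead property the commit message describes.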
.github Fix issue template to read more clearly 2017-01-27 10:15:06 -07:00
api Init containers in GA - generated code 2017-02-03 01:08:25 +01:00
build Merge pull request #40561 from ixdy/bazel-src-tarball 2017-02-01 12:32:48 -08:00
cluster Avoid evicting critical pods in Kubelet if a special feature gate is enabled 2017-02-02 11:32:20 -08:00
cmd Update generated files 2017-02-03 08:15:46 +01:00
docs Init containers in GA - generated code 2017-02-03 01:08:25 +01:00
examples examples: PV docs clarify Azure storage account restriction 2017-02-03 13:04:59 -08:00
federation Merge pull request #40862 from shashidharatd/kubefed-3 2017-02-03 06:48:45 -08:00
Godeps Update generated files 2017-01-29 21:41:45 +01:00
hack Merge pull request #40374 from fejta/e2e 2017-02-03 15:05:57 -08:00
hooks Fix spelling in package naming linter error message 2016-12-20 15:48:14 -05:00
logo Updated top level owners file to match new format 2017-01-19 11:29:16 -08:00
pkg Merge pull request #40727 from Random-Liu/handle-cri-in-place-upgrade 2017-02-03 22:17:56 -08:00
plugin Merge pull request #39914 from kevin-wangzefeng/forgiveness-library-changes 2017-02-03 15:05:55 -08:00
staging Merge pull request #40894 from MHBauer/groupmetafactoryargs-doc 2017-02-03 16:22:46 -08:00
test Merge pull request #39914 from kevin-wangzefeng/forgiveness-library-changes 2017-02-03 15:05:55 -08:00
third_party Update generated files 2017-01-25 19:49:45 +01:00
translations Merge pull request #40645 from brendandburns/fr 2017-01-31 21:27:52 -08:00
vendor Update generated files 2017-02-03 08:15:46 +01:00
.bazelrc bazel: save git version in kubernetes.tar.gz 2017-01-23 17:28:08 -08:00
.gazelcfg.json Generate a dummy BUILD file in _output/local/go to keep Bazel out of trouble 2017-01-05 22:05:17 -08:00
.generated_docs Revert "Add the ability to edit fields within a config map." 2017-01-25 09:12:32 -05:00
.generated_files List generated files for the github size munger 2016-11-15 15:47:22 -08:00
.gitattributes Add -diff attributes for generated files 2016-12-08 17:12:07 -08:00
.gitignore
BUILD.bazel bazel: save git version in kubernetes.tar.gz 2017-01-23 17:28:08 -08:00
CHANGELOG.md Update 1.6.0-alpha.1 changelog 2017-01-31 12:02:24 -05:00
code-of-conduct.md
CONTRIBUTING.md updated munge-docs 2016-11-29 01:35:11 -08:00
labels.yaml
LICENSE LICENSE: revert modifications to Apache license 2016-11-22 11:44:46 -08:00
Makefile test/node_e2e: wire-in "container-runtime" for local tests 2017-02-01 20:34:51 +00:00
Makefile.generated_files Remove a from each codegen path 2016-12-30 18:44:32 -08:00
OWNERS Add wojtec to global approvers 2017-01-25 11:57:00 -06:00
OWNERS_ALIASES OWNERS: Create sig-node alias 2017-01-17 16:25:40 -08:00
README.md Tidy up the main README. 2017-02-01 20:13:09 -08:00
Vagrantfile
WORKSPACE upgrade to latest build rules 2017-02-01 15:16:43 -08:00

Kubernetes


Introduction

Kubernetes is an open source system for managing containerized applications across multiple hosts, providing basic mechanisms for deployment, maintenance, and scaling of applications. Kubernetes is hosted by the Cloud Native Computing Foundation (CNCF).

Kubernetes builds upon a decade and a half of experience at Google running production workloads at scale using a system called Borg, combined with best-of-breed ideas and practices from the community.


Are you ...

Code of Conduct

The Kubernetes community abides by the CNCF code of conduct. Here is an excerpt:

As contributors and maintainers of this project, and in the interest of fostering an open and welcoming community, we pledge to respect all people who contribute through reporting issues, posting feature requests, updating documentation, submitting pull requests or patches, and other activities.

Community

Do you want to help shape the evolution of technologies that are container-packaged, dynamically-scheduled and microservices-oriented? If you are a company, you should consider joining the CNCF. For details about who's involved in CNCF and how Kubernetes plays a role, read the announcement. For general information about our community, see the website community page.

Contribute

If you're interested in being a contributor and want to get involved in developing Kubernetes, get started with this reading:

You will then most certainly gain a lot from joining a SIG, attending the regular hangouts as well as the community meeting.

If you have an idea for a new feature, see the Kubernetes Features repository for a list of features that are coming in new releases as well as details on how to propose one.

Building Kubernetes for the impatient

If you want to build Kubernetes right away there are two options:

$ go get -d k8s.io/kubernetes
$ cd $GOPATH/src/k8s.io/kubernetes
$ make

$ git clone https://github.com/kubernetes/kubernetes
$ cd kubernetes
$ make quick-release

If you are less impatient, head over to the developer's documentation.

Support

While there are many different channels that you can use to get hold of us (Slack, Stack Overflow, Issues, Forums/Mailing lists), you can help make sure that we are efficient in getting you the help that you need.

If you need support, start with the troubleshooting guide and work your way through the process that we've outlined.

That said, if you have questions, reach out to us one way or another. We don't bite!
