github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-22 11:21:47 +00:00
Code Issues Projects Releases Wiki Activity
Production-Grade Container Scheduling and Management
110,989 Commits 42 Branches 7,905 Tags 1.3 GiB
Go 97%
Shell 2.6%
PowerShell 0.2%
b296f82c69
Go to file
Sascha Grunert b296f82c69
Sort kubelet pods by their creation time 
There is a corner case when blocking Pod termination via a lifecycle
preStop hook, for example by using this StateFulSet:

```yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: web
spec:
  selector:
    matchLabels:
      app: ubi
  serviceName: "ubi"
  replicas: 1
  template:
    metadata:
      labels:
        app: ubi
    spec:
      terminationGracePeriodSeconds: 1000
      containers:
      - name: ubi
        image: ubuntu:22.04
        command: ['sh', '-c', 'echo The app is running! && sleep 360000']
        ports:
        - containerPort: 80
          name: web
        lifecycle:
          preStop:
            exec:
              command:
              - /bin/sh
              - -c
              - 'echo aaa; trap : TERM INT; sleep infinity & wait'
```

After creation, downscaling, forced deletion and upscaling of the
replica like this:

```
> kubectl apply -f sts.yml
> kubectl scale sts web --replicas=0
> kubectl delete pod web-0 --grace-period=0 --force
> kubectl scale sts web --replicas=1
```

We will end up having two pods running by the container runtime, while
the API only reports one:

```
> kubectl get pods
NAME    READY   STATUS    RESTARTS   AGE
web-0   1/1     Running   0          92s
```

```
> sudo crictl pods
POD ID              CREATED              STATE     NAME     NAMESPACE     ATTEMPT     RUNTIME
e05bb7dbb7e44       12 minutes ago       Ready     web-0    default       0           (default)
d90088614c73b       12 minutes ago       Ready     web-0    default       0           (default)
```

When now running `kubectl exec -it web-0 -- ps -ef`, there is a random chance that we hit the wrong
container reporting the lifecycle command `/bin/sh -c echo aaa; trap : TERM INT; sleep infinity & wait`.

This is caused by the container lookup via its name (and no podUID) at:
02109414e8/pkg/kubelet/kubelet_pods.go (L1905-L1914)

And more specifiy by the conversion of the pod result map to a slice in `GetPods`:
02109414e8/pkg/kubelet/kuberuntime/kuberuntime_manager.go (L407-L411)

We now solve that unexpected behavior by tracking the creation time of
the pod and sorting the result based on that. This will cause to always
match the most recently created pod.

Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
2022-10-13 16:32:44 +02:00
.github Make root approval non-recursive 2022-10-10 08:26:53 -04:00
api Merge pull request #112643 from SergeyKanzhelev/removeDynamicKubeletConfig 2022-10-12 01:33:00 -07:00
build Move root approvers to subdirs 2022-10-10 13:43:03 -04:00
CHANGELOG CHANGELOG: Update directory for v1.26.0-alpha.2 release 2022-10-11 23:27:20 +00:00
cluster Move root approvers to subdirs 2022-10-10 13:43:03 -04:00
cmd Merge pull request #112643 from SergeyKanzhelev/removeDynamicKubeletConfig 2022-10-12 01:33:00 -07:00
docs Make root approval non-recursive 2022-10-10 08:26:53 -04:00
hack Move root approvers to subdirs 2022-10-10 13:43:03 -04:00
LICENSES Make root approval non-recursive 2022-10-10 08:26:53 -04:00
logo Make root approval non-recursive 2022-10-10 08:26:53 -04:00
pkg Sort kubelet pods by their creation time 2022-10-13 16:32:44 +02:00
plugin Merge pull request #112643 from SergeyKanzhelev/removeDynamicKubeletConfig 2022-10-12 01:33:00 -07:00
staging Merge pull request #113022 from logicalhan/webhook-metrics 2022-10-12 17:51:00 -07:00
test account for timing ratio histogram function calls 2022-10-12 14:44:28 -07:00
third_party Make root approval non-recursive 2022-10-10 08:26:53 -04:00
vendor Merge pull request #112926 from jiahuif-forks/refactor/cel-out-of-apiextensions 2022-10-12 15:03:03 -07:00
.generated_files remove clearly unnecessary lingering BUILD file references 2022-10-04 16:47:25 -07:00
.gitattributes review staging go.mod files 2019-05-10 15:40:43 -04:00
.gitignore Remove refs to .make 2022-10-04 08:58:52 -07:00
.golangci.yaml delete hardcode go version in golangci-lint config 2022-08-07 11:43:07 +08:00
CHANGELOG.md CHANGELOG: Move changelog, soft-link to top-level, refresh listing 2020-02-06 01:04:44 -05:00
code-of-conduct.md Update code-of-conduct.md 2017-12-20 13:33:36 -05:00
CONTRIBUTING.md Remove stale analytics links from docs 2020-11-18 07:04:48 -06:00
go.mod Bump golang.org/x/text to v0.3.8 2022-10-11 23:30:39 +02:00
go.sum Bump golang.org/x/text to v0.3.8 2022-10-11 23:30:39 +02:00
LICENSE
Makefile move build related files out of the root directory 2017-05-15 15:53:54 -07:00
OWNERS Add sig-architecture-approvers and dep-approvers to root dir 2022-10-10 13:43:04 -04:00
OWNERS_ALIASES Add liggitt to dep-approvers alias 2022-10-11 21:05:18 -04:00
README.md update k8s url 2022-05-02 20:55:55 +08:00
SECURITY_CONTACTS Update SECURITY_CONTACTS with current PSC 2019-05-29 15:22:35 +05:30
SUPPORT.md Update SUPPORT.md 2022-06-27 16:58:44 +02:00

README.md

Kubernetes (K8s)

GoPkg Widget CII Best Practices

Kubernetes, also known as K8s, is an open source system for managing containerized applications across multiple hosts. It provides basic mechanisms for deployment, maintenance, and scaling of applications.

Kubernetes builds upon a decade and a half of experience at Google running production workloads at scale using a system called Borg, combined with best-of-breed ideas and practices from the community.

Kubernetes is hosted by the Cloud Native Computing Foundation (CNCF). If your company wants to help shape the evolution of technologies that are container-packaged, dynamically scheduled, and microservices-oriented, consider joining the CNCF. For details about who's involved and how Kubernetes plays a role, read the CNCF announcement.

To start using K8s

See our documentation on kubernetes.io.

Try our interactive tutorial.

Take a free course on Scalable Microservices with Kubernetes.

To use Kubernetes code as a library in other applications, see the list of published components. Use of the k8s.io/kubernetes module or k8s.io/kubernetes/... packages as libraries is not supported.

To start developing K8s

The community repository hosts all information about building Kubernetes from source, how to contribute code and documentation, who to contact about what, etc.

If you want to build Kubernetes right away there are two options:

You have a working Go environment.
mkdir -p $GOPATH/src/k8s.io
cd $GOPATH/src/k8s.io
git clone https://github.com/kubernetes/kubernetes
cd kubernetes
make
You have a working Docker environment.
git clone https://github.com/kubernetes/kubernetes
cd kubernetes
make quick-release

For the full story, head over to the developer's documentation.

Support

If you need support, start with the troubleshooting guide, and work your way through the process that we've outlined.

That said, if you have questions, reach out to us one way or another.

Community Meetings

The Calendar has the list of all the meetings in Kubernetes community in a single location.

Adopters

The User Case Studies website has real-world use cases of organizations across industries that are deploying/migrating to Kubernetes.

Governance

Kubernetes project is governed by a framework of principles, values, policies and processes to help our community and constituents towards our shared goals.

The Kubernetes Community is the launching point for learning about how we organize ourselves.

The Kubernetes Steering community repo is used by the Kubernetes Steering Committee, which oversees governance of the Kubernetes project.

Roadmap

The Kubernetes Enhancements repo provides information about Kubernetes releases, as well as feature tracking and backlogs.