KEP-1972: kubelet exec probe timeouts #1973
Conversation
k8s-ci-robot
added
the
cncf-cla: yes
|
/assign @SergeyKanzhelev For initial review |
k8s-ci-robot
added
the
size/L
k8s-ci-robot
added
kind/kep
andrewsykim
force-pushed
the
kubelet-exec-timeout
branch
from
58ef3bc to
95a36f6
Compare
| the timeout value is supported in the Container Probe API. Because exec probe timeouts | ||
| were never respected by kubelet, a new feature gate `ExecProbeTimeouts` will be introduced | ||
| so users have an easy way to revert back if the newly introduced probe timeout results | ||
| in unexpected behavior. |
There was a problem hiding this comment.
small nit: the feature gate is for ops. For developers addressing the issue would be an increase of a timeout. So "users" and the action these users do in this context can be clarified.
Perhaps:
| the timeout value is supported in the Container Probe API. Because exec probe timeouts | |
| were never respected by kubelet, a new feature gate `ExecProbeTimeouts` will be introduced | |
| so users have an easy way to revert back if the newly introduced probe timeout results | |
| in unexpected behavior. | |
| the timeout value is supported in the Container Probe API. Because exec probe timeouts | |
| were never respected by kubelet, a new feature gate `ExecProbeTimeouts` will be introduced. | |
| With this feature nodes can be configured to preserve the current behavior while the proper | |
| timeouts are configured for the probes. |
|
|
||
| ### Goals | ||
|
|
||
| * fix exec probe timeouts in kubelet |
There was a problem hiding this comment.
perhaps "treat exec probe timeouts as probe failures in kubelet"
andrewsykim
force-pushed
the
kubelet-exec-timeout
branch
from
95a36f6 to
0606728
Compare
Signed-off-by: Andrew Sy Kim <kim.andrewsy@gmail.com>
andrewsykim
force-pushed
the
kubelet-exec-timeout
branch
from
0606728 to
40670f6
Compare
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
@andrewsykim are we missing some discussion on TODO(s) for different runtimes / dockershim? |
|
@dims I don't think so, I think the two TODOs that came out from this discussion were:
Both of those I imagine will be addressed in separate KEPs, this is one is to only fix exec probe timeouts |
|
/assign @dchen1107 @derekwaynecarr |
|
@andrewsykim sounds good. thanks! |
|
Another suggestion: should we increase scope of the KEP and also respect timeout in preStop exec hook? If so, the name of the flag may need to change to |
I agree that we should fix this, but I think grace termination period and probe timeouts are separate concerns here. I know some of the efforts around side car containers were also trying to address this so I wouldn't want to overlap there too much. I might be missing context on this one though. |
thinking more about it - I'd say even adding logic to respect the gracePeriodOverride would likely not be a breaking change so no flag is needed. So this KEP should be gtg |
| ### Test Plan | ||
|
|
||
| E2E tests: | ||
| * re-enable [existing exec liveness probe e2e test](https://github.com/kubernetes/kubernetes/blob/ea1458550077bdf3b26ac34551a3591d280fe1f5/test/e2e/common/container_probe.go#L210-L227) that is currently being skipped |
|
thanks for the write-up. agree with approach. /approve |
k8s-ci-robot
added
the
approved
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: andrewsykim, dchen1107, derekwaynecarr The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Signed-off-by: Andrew Sy Kim kim.andrewsy@gmail.com
Kubelet today does not respect exec probe timeouts. This is an unexpected behavior
since the timeout value is supported in the Container Probe API. Because exec probe timeouts
were never respected by kubelet, a new feature gate
ExecProbeTimeoutswill be introducedso users have an easy way to revert back if the newly introduced probe timeout results
in unexpected behavior.
KEP issue: #1972