Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow adding postStartScript lifecycle hook to all deployments #206

Merged
merged 3 commits into from
Jul 13, 2021
Merged

Allow adding postStartScript lifecycle hook to all deployments #206

merged 3 commits into from
Jul 13, 2021

Conversation

cognifloyd
Copy link
Member

@cognifloyd cognifloyd commented Jun 22, 2021
edited
Loading

This builds on the postStart lifecycle hook from #219, but allows adding custom postStartScript (via values) to each deployment pod.

In my old 1ppc-based st2 cluster, the entrypoint script had some cluster-specific
customizations. With the current docker images, we don't use an entrypoint script.
Some of those customizations do not translate well to cacheable Dockerfile commands.

The postStart lifecycle event provides something similar in that I can add those
cluster-specific customizations when I can't bake the changes directly into custom
docker images.

For example, in the actionrunner pods, I have a script that:

  • configures ansible,
  • clones a git repo with ansible-related content,
  • configures ssmtp in the pod for sending email,
  • and runs a sanity check on some perl modules used by an internal pack
    (the perl modules themselves are baked into the docker image).
    And in the chatops pod, our image has a slightly customized version of hubot that
    needs an additional config file. That config file should not be baked into the image.

We also use the init script for rapid testing of changes in our development st2 cluster
before we bake them into the docker images (where baking the changes in makes sense).

Though these could potentially be done via initContainers, adding custom initContainers
becomes much more complex when you consider the required additional volumes and volumeMounts.

see:
https://kubernetes.io/docs/tasks/configure-pod-container/attach-handler-lifecycle-event/
https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/

@pull-request-size pull-request-size bot added the size/L PR that changes 100-499 lines. Requires some effort to review. label Jun 22, 2021
@cognifloyd cognifloyd force-pushed the lifecycle-hooks branch 2 times, most recently from 7213fdf to 54be0a1 Compare June 25, 2021 01:01
@cognifloyd

This comment has been minimized.

Sign in to view
@cognifloyd cognifloyd force-pushed the lifecycle-hooks branch 3 times, most recently from d395890 to 59c3600 Compare June 26, 2021 06:00
@cognifloyd

This comment has been minimized.

Sign in to view
@cognifloyd cognifloyd force-pushed the lifecycle-hooks branch 3 times, most recently from f411b85 to 9e45053 Compare June 26, 2021 19:18
@cognifloyd

This comment has been minimized.

Sign in to view
@cognifloyd cognifloyd added RFR and removed WIP labels Jun 26, 2021
@cognifloyd cognifloyd requested a review from arm4b June 26, 2021 20:41
@cognifloyd

This comment has been minimized.

Sign in to view
This was referenced Jun 26, 2021
Closed
Closed
@cognifloyd cognifloyd force-pushed the lifecycle-hooks branch 2 times, most recently from cab5ed1 to 1278eb5 Compare July 3, 2021 02:09
@cognifloyd cognifloyd changed the title Add postStart pod lifecycle hook to all deployments Fix stanley_rsa permissions via postStart pod lifecycle hook (add postStart hook to all deployments) Jul 3, 2021
@cognifloyd
Copy link
Member Author

cognifloyd commented Jul 6, 2021
edited
Loading

Hmm. I should probably add a checksum annotation that covers the configmap template and the postStartScript value.
edit: done

@cognifloyd cognifloyd force-pushed the lifecycle-hooks branch 4 times, most recently from 20b5e02 to 98216e9 Compare July 6, 2021 17:01
@cognifloyd
Copy link
Member Author

cognifloyd commented Jul 6, 2021
edited
Loading

@armab edit: please checkout #219 next, which was separated from this PR I think this is the next one to review (please, when you have time).

It fixes the stanley_rsa file permissions issue using lifecycle.postStart and includes a test to make sure that the permissions stay fixed. It also allows for custom postStart scripts for the rest of the pods.

You might want to checkout the k8s docs in the PR description. :)

@cognifloyd cognifloyd mentioned this pull request Jul 8, 2021
Merged
@cognifloyd cognifloyd added WIP and removed RFR labels Jul 8, 2021
@cognifloyd cognifloyd changed the title Fix stanley_rsa permissions via postStart pod lifecycle hook (add postStart hook to all deployments) Allow adding postStartScript lifecycle hook to all deployments Jul 8, 2021
@cognifloyd cognifloyd force-pushed the lifecycle-hooks branch 2 times, most recently from 5dcb27c to 4b439dc Compare July 8, 2021 01:53
@cognifloyd
Copy link
Member Author

cognifloyd commented Jul 8, 2021
edited
Loading

K. I split the stanley_rsa fix into #219. This is now only about adding the postStartScript to all the rest of the pods.

#206 builds on #219 now, so please review and merge #219 first. edit: merged

@cognifloyd cognifloyd marked this pull request as draft July 8, 2021 01:55
@cognifloyd cognifloyd added the K8s label Jul 8, 2021
@cognifloyd cognifloyd marked this pull request as ready for review July 10, 2021 15:24
@cognifloyd cognifloyd force-pushed the lifecycle-hooks branch 2 times, most recently from f7eb0af to fe6ea12 Compare July 10, 2021 15:27
@cognifloyd cognifloyd added RFR and removed WIP labels Jul 10, 2021
@arm4b
Copy link
Member

arm4b commented Jul 10, 2021
edited
Loading

I think it will solve one of the use cases that many requested, - installing packages for some of the st2 actions like, say, ansible instead of providing their own forked pre-baked image, both approaches with their pros/cons.

Oerall any customization before starting the st2 cluster makes sense and brings a lot of configuration flexibility 👍

@cognifloyd
Copy link
Member Author

@armab I'm glad you like the idea

arm4b
arm4b approved these changes Jul 13, 2021
View reviewed changes
Copy link
Member

@arm4b arm4b left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice addition for customizing the ST2 cluster environment.
Thanks for that!

@arm4b arm4b merged commit 494096a into StackStorm:master Jul 13, 2021
@cognifloyd cognifloyd removed the RFR label Jul 27, 2021
@cognifloyd cognifloyd mentioned this pull request Aug 5, 2021
Closed
@cognifloyd cognifloyd deleted the lifecycle-hooks branch November 11, 2021 18:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arm4b arm4b arm4b approved these changes

Assignees
No one assigned
Labels
feature K8s size/L PR that changes 100-499 lines. Requires some effort to review.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@cognifloyd @arm4b