clustermesh: allow waiting for the CiliumClusterConfig to appear when required #25671
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
giorio94
added
area/clustermesh
giorio94
force-pushed
the
mio/wait-for-cluster-config
branch
from
2e34c46
to
e77c108
Compare
|
/test |
giorio94
force-pushed
the
mio/wait-for-cluster-config
branch
from
e77c108
to
c6887f2
Compare
|
Force-pushed to rebased onto main and fix a conflict. |
|
/test |
sayboras
approved these changes
May 27, 2023
YutaroHayakawa
approved these changes
May 29, 2023
|
/ci-eks |
aanm
approved these changes
May 30, 2023
pkg/clustermesh/remote_cluster.go
Outdated
| // controller backoff period to avoid recreating every time a new connection to the remote | ||
| // kvstore, which would introduce an unnecessary overhead. Still, we do return in case of | ||
| // consecutive failures, to ensure that we do not retry forever is something strange happened. | ||
| err = wait.PollImmediateInfiniteWithContext(ctx, clusterConfigPollInterval, func(ctx context.Context) (done bool, err error) { |
There was a problem hiding this comment.
Any reason why we don't use our controllers for this? They have the benefit of showing up in cilium status if something fails. With wait.PollImmediateInfiniteWithContext the failures will get hidden AFAICT.
There was a problem hiding this comment.
Essentially, the remote cluster logic is already wrapped by a controller. The idea here was to have a retry mechanism which doesn't cause that controller to restart (by simply returning the error there), because it would also cause the restart of the etcd connection, introducing an unnecessary overhead. But yeah, it makes sense to use another controller also for that rather than wait.PollImmediateInfiniteWithContext.
There was a problem hiding this comment.
I've updated the PR to use the controller. @aanm PTAL
maintainer-s-little-helper
bot
added
ready-to-merge
giorio94
removed
the
ready-to-merge
maintainer-s-little-helper
bot
added
the
ready-to-merge
giorio94
added
dont-merge/bad-bot
maintainer-s-little-helper
bot
added
the
ready-to-merge
|
Removing the ready-to-merge label while addressing the above suggestion. |
giorio94
force-pushed
the
mio/wait-for-cluster-config
branch
from
c6887f2
to
c888195
Compare
giorio94
removed
the
ready-to-merge
857060b ("clustermesh: Introduce CiliumClusterConfig") introduced the CiliumClusterConfig, which the clustermesh-apiserver stores into the kvstore during startup, and the remote cilium agents read when connecting to new clusters. Cilium agents tolerate the possible lack of the cluster configuration, to account for backward compatibility. This process currently suffers from the possibility of a race condition, because the agents might connect to the kvstore before that the cluster configuration has been actually written. Although as of today it doesn't raise particular concerns given that it is only used for sanity checks, the issue will be more serious when depending on the information therein contained to tune the behavior. One such case concerns the upcoming kvstoremesh approach (caching the information of remote clusters in the local kvstore), which leverages different prefixes for separation (hence requiring the cluster config to be present for disambiguation) and increases the race condition window (since the cluster configuration of new clusters would be written at runtime rather than on startup). This commit introduces a new well-known key (`cilium/.has-cilium-config`) that, when present, conveys that the cluster configuration will be eventually created, and remote clusters shall wait until it is present rather than falling back to the legacy approach. This key will be created by the clustermesh-apiserver init container, ensuring that it is always present when etcd is exposed to the remote agents. Alternative approaches that have been considered, but discarded because they would solve the problem for vanilla clustermesh but not for kvstoremesh include: * Setting the CiliumClusterConfig in the clustermesh-apiserver init container rather than during the initialization phase. * Leveraging a readiness probe to set the clustermesh-apiserver as ready only once the initialization phase completed, and the configuration has been written. Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
Create the `cilium/.has-cluster-config` key through the clustermesh-apiserver init container, to ensure that it is always present when the remote agents connect to etcd. Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
Leverage the newly introduced `.has-cluster-config` key to retrigger the retrieval of the cluster configuration in case it was not found, but it is known that it will be eventually present. This removes the possibility of race conditions if an agent connects to the kvstore before that the corresponding cluster configuration has been written. Additionally, the cluster configuration can also be forced as mandatory through a dedicated function parameter, when that is known agent-side because an enabled function requires it to be always present. Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
Let's propagate the context from the called to these helper functions, rather than using context.Background(). Signed-off-by: Marco Iorio <marco.iorio@isovalent.com>
giorio94
force-pushed
the
mio/wait-for-cluster-config
branch
from
c888195
to
28a7cf6
Compare
|
Rebased onto main to pick the last changes and allow the Cilium Runtime checks to run successfully. |
|
/test |
aanm
approved these changes
May 31, 2023
giorio94
removed
the
dont-merge/bad-bot
|
/test-1.16-4.19 Rerunning, as failed with a timeout |
maintainer-s-little-helper
bot
added
the
ready-to-merge
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Reporting the description of the first commit for convenience:
Another possibility might involve being strict and making the cluster configuration mandatory starting from v1.14. This looks a no-go to me though, because:
/cc @YutaroHayakawa, @marseel, @aanm, @joestringer for opinions.