Introduce etcd petset #1295
Conversation
done

# re-join member
ETCDCTL_ENDPOINT=${EPS} etcdctl member update ${member_id} http://${HOSTNAME}.${PETSET_NAME}:2380
it would be great if you could do this in an init container and write the config to some hostPath shared location that etcd reads on startup
You can't. The /var/run/etcd/meta file is generated after the cluster is bootstrapped. It contains a member id, which is known only after the cluster has started.
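For illustration only (not necessarily what this PR does): a minimal sketch of persisting the member id after bootstrap so that a restarted pet can later re-join, assuming etcdctl v2 output and a writable /var/run/etcd; the file name used below is hypothetical.

```bash
# Look up this pet's member id from the running cluster and persist it.
# EPS is assumed to hold the comma-separated client endpoints, as in the entrypoint script.
member_id=$(ETCDCTL_ENDPOINT=${EPS} etcdctl member list | grep "name=${HOSTNAME}" | cut -d':' -f1)
mkdir -p /var/run/etcd
echo "${member_id}" > /var/run/etcd/member_id   # hypothetical file name; the PR itself writes /var/run/etcd/meta
```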
Seems like there are a lot of similarities between this and the zookeeper setup; it would be nice to duplicate the pattern if possible (https://github.com/kubernetes/contrib/tree/master/pets/zookeeper). It would also make scaling easier.
I tried running this for a while to no avail (all on 1.3) until I realized that I needed to manually create the PVCs expected by the cluster ahead of time. Is that the expected behavior? I would've expected that the necessary PVCs be auto-created (and automatically filled as long as a PV is available). Instead, creating the PetSet before the PVC does create a "zombie" PVC which is never filled, regardless of what I do. Sorry about asking here, but I've looked around and wasn't able to find any resources on this. I'm sure they exist somewhere; appreciate a pointer.
@ingvagabund if you actually want to invoke the dynamic provisioner you need to specify https://github.com/kubernetes/kubernetes.github.io/blob/release-1.3/docs/user-guide/petset.yaml#L43; the way you currently have it, the petset is asking for a specific pvc.

@tschottdorf see 4 in https://github.com/kubernetes/kubernetes.github.io/blob/release-1.3/docs/user-guide/petset.md#alpha-limitations and https://github.com/kubernetes/kubernetes.github.io/blob/release-1.3/docs/user-guide/petset.md#stable-storage. The provisioners are started based on your environment. From https://github.com/kubernetes/kubernetes/blob/release-1.3/examples/experimental/persistent-volume-provisioning/README.md
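For context, a minimal sketch of a claim template that triggers dynamic provisioning via the 1.3 alpha storage-class annotation referenced above; the image, sizes and names are illustrative, not the exact manifest from this PR:

```bash
kubectl create -f - <<EOF
apiVersion: apps/v1alpha1
kind: PetSet
metadata:
  name: etcd
spec:
  serviceName: etcd
  replicas: 3
  template:
    metadata:
      labels:
        app: etcd
    spec:
      containers:
      - name: etcd
        image: quay.io/coreos/etcd:v2.2.5   # illustrative image
        volumeMounts:
        - name: datadir
          mountPath: /var/run/etcd
  volumeClaimTemplates:
  - metadata:
      name: datadir
      annotations:
        # alpha annotation in 1.3 that asks a dynamic provisioner to create the PV
        volume.alpha.kubernetes.io/storage-class: anything
    spec:
      accessModes: ["ReadWriteOnce"]
      resources:
        requests:
          storage: 1Gi
EOF
```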
As noted on the cockroach thread you can do:
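(The exact snippet is not captured in this excerpt; a plausible reconstruction, assuming hostPath volumes and illustrative names, sizes and loop length:)

```bash
# pre-create a handful of PVs for the petset's claims to bind to
for i in $(seq 0 4); do
  kubectl create -f - <<EOF
kind: PersistentVolume
apiVersion: v1
metadata:
  name: pv-${i}
spec:
  capacity:
    storage: 1Gi
  accessModes:
    - ReadWriteOnce
  hostPath:
    path: /tmp/pv-${i}
EOF
done
```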
as necessary (you may have to set capacity and length).
@ingvagabund did #1295 (comment) work?
@bprashanth I will check that out. Sorry for the delay.
Force-pushed from e513fe5 to 9c8965c
@bprashanth the etcd petset is now scalable. Though, I have hit some issues when scaling up and down:
These are not necessarily related to the petset controller; maybe something is wrong in the specification.
1. run skydns
1. create the petset

## Scaling

The etcd cluster can be scaled up by running `kubectl patch` or `kubectl edit`. For instance,
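(The example that follows "For instance," is not included in this hunk; a plausible command, assuming the petset is named `etcd`:)

```bash
# grow the cluster from 3 to 5 pets; `kubectl edit petset etcd` achieves the same interactively
kubectl patch petset etcd -p '{"spec":{"replicas": 5}}'
```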
kubectl scale?
$ kubectl scale --replicas=5 petset/etcd
error: no scaler has been implemented for {"apps" "PetSet"}

Scaling up from:

NAME      READY     STATUS    RESTARTS   AGE
etcd-0    1/1       Running   0          3m
etcd-1    1/1       Running   0          3m
etcd-11   1/1       Running   0          3m
etcd-12   1/1       Running   0          3m
etcd-2    1/1       Running   0          3m
etcd-3    1/1       Running   1          3m

Don't think pets
Scaling will stop if a pet is unhealthy. It's possible that there are issues that need to be fixed when scaling halts because of an unhealthy pet and the user then scales up/down; the behavior is currently undefined in such situations. Scaling up should happen in order; once the petset is stable, scaling down should happen in reverse order. kubernetes/kubernetes#30082
done

PEERS=""
for i in $(seq 0 $((${INITIAL_CLUSTER_SIZE} - 1))); do
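(The loop body and the subsequent bootstrap invocation are truncated in this hunk; a plausible continuation, assuming the $(petname).$(service) DNS form discussed later in this thread and a headless service named after the petset:)

```bash
PEERS=""
for i in $(seq 0 $((${INITIAL_CLUSTER_SIZE} - 1))); do
    # each pet is reachable as <petset>-<ordinal>.<service> through the headless service
    PEERS="${PEERS}${PEERS:+,}${PETSET_NAME}-${i}=http://${PETSET_NAME}-${i}.${PETSET_NAME}:2380"
done

# bootstrap a brand-new cluster from the assembled peer list
exec etcd --name ${HOSTNAME} \
    --initial-advertise-peer-urls http://${HOSTNAME}.${PETSET_NAME}:2380 \
    --listen-peer-urls http://0.0.0.0:2380 \
    --listen-client-urls http://0.0.0.0:2379 \
    --advertise-client-urls http://${HOSTNAME}.${PETSET_NAME}:2379 \
    --initial-cluster ${PEERS} \
    --initial-cluster-state new
```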
this stuff seems like exactly the type of thing to put in the init container (see the zookeeper example: https://github.com/kubernetes/contrib/tree/master/pets/zookeeper/init); any reason it should be in the entrypoint? Putting it in init allows one to maintain both images independently, but I'm ok doing it this way if there are some limitations.
putting it in init also gives you a clear signal that bootstrapping/joining cluster failed
> this stuff seems like exactly the type of thing to put in the init container (see zookeeper example:), any reason it should be in entrypoint?

There is nothing to install, set up/configure or bootstrap. Initial cluster bootstrapping consists of waiting for the initial pets, and the same holds for adding post-bootstrap members. The script "just" adds the new member and starts etcd.

> Putting it in init allows one to maintain both images independently, but I'm ok doing it this way if there are some limitations.

As all the code is basically written over the etcd image, there is no need for an additional one.

> putting it in init also gives you a clear signal that bootstrapping/joining cluster failed

Would not `postStart` be better? Basically, the main container command itself is to run `etcd`. The current code "just" collects the required envs and params, puts them together and starts `etcd`. So one either adds a member, removes a member or updates a member; that is the only piece of logic worth putting into an initialization part. Unfortunately, all three `etcd` commands differ in the input options that are populated during initialization, so separating the initialization code from executing `etcd` itself does not make sense.
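For reference, the three membership operations mentioned above map to the following etcdctl v2 calls (a sketch; `${EPS}` is assumed to hold the comma-separated client endpoints built by the script):

```bash
# add a brand-new member (post-bootstrap scale-up); etcdctl prints the env vars
# (ETCD_INITIAL_CLUSTER, ...) the new member must be started with
ETCDCTL_ENDPOINT=${EPS} etcdctl member add ${HOSTNAME} http://${HOSTNAME}.${PETSET_NAME}:2380

# update the peer URL of an existing member that is re-joining after a restart
ETCDCTL_ENDPOINT=${EPS} etcdctl member update ${member_id} http://${HOSTNAME}.${PETSET_NAME}:2380

# remove a member when scaling down
ETCDCTL_ENDPOINT=${EPS} etcdctl member remove ${member_id}
```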
Both are valid cases. I guess the question comes down to consistency
Force-pushed from e7846cb to dbc8138
I'm planning on waiting for consensus on https://groups.google.com/forum/#!topic/kubernetes-dev/MhQl2GBylgM (I think we're close) before doing a next pass. Hoping we can directly check this in there. Let me know if you'd rather check it in here and transition instead and I can do a review.
I am fine with waiting. At the same time (and as was commented in the discussion) we need some sort of CI to at least test 1) correctness and 2) regressions.
@ingvagabund Must the etcd pod run as root and in the etcd namespaces?
The etcd process runs as root by default unless specified otherwise. I am not aware of any etcd namespace requirement. What is your use case here to test?
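If running etcd as a non-root user is desired, a hedged sketch (pod name, image tag and uid are illustrative; the data directory must be writable by that uid):

```bash
kubectl create -f - <<EOF
apiVersion: v1
kind: Pod
metadata:
  name: etcd-nonroot-test
spec:
  securityContext:
    runAsUser: 1000   # illustrative non-root uid
    fsGroup: 1000     # volumes are made group-owned by this gid so the uid can write
  containers:
  - name: etcd
    image: quay.io/coreos/etcd:v2.2.5   # illustrative image; runs etcd via its default entrypoint
    volumeMounts:
    - name: datadir
      mountPath: /var/run/etcd
  volumes:
  - name: datadir
    emptyDir: {}
EOF
```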
# re-join member
ETCDCTL_ENDPOINT=$(eps) etcdctl member update ${member_id} http://${HOSTNAME}.${PETSET_NAME}:2380
exec etcd --name ${HOSTNAME} \
  --listen-peer-urls http://${HOSTNAME}.${PETSET_NAME}:2380
`${HOSTNAME}.${PETSET_NAME}` can't be resolved by DNS; it should be `${HOSTNAME}.${SERVICE_NAME}`. In this example you set the petset name equal to the svc name, so it happens to work. You need to add another env, `SERVICE_NAME`, to replace some fields.
Can you dump entries in your DNS? I have never had this problem.
In this design doc https://github.com/bprashanth/kubernetes.github.io/blob/4df7d96369964a267466bdffc73f7d343c77584f/docs/user-guide/petset.md#network-identity: as each pet is created, it gets a matching DNS subdomain of the form $(petname).$(governing service domain), where the governing service is defined by the serviceName field on the Pet Set.
If you set the petset name not equal to the svc name, then you will see this issue.
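A quick way to check the governing-service wiring described above (a sketch; object names are illustrative):

```bash
# spec.serviceName on the petset must name an existing headless service
kubectl get petset etcd -o jsonpath='{.spec.serviceName}'   # expect: etcd
kubectl get svc etcd -o jsonpath='{.spec.clusterIP}'        # expect: None (headless)

# from any pod in the same namespace, the per-pet records should then resolve
nslookup etcd-0.etcd
```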
recomputing cla status...
[CLA-PING] @ingvagabund Thanks for your pull request. It looks like this may be your first contribution to a CNCF open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). 📝 Please visit https://identity.linuxfoundation.org/projects/cncf to sign. Once you've signed, please reply here (e.g. "I signed it!") and we'll verify. Thanks.
[APPROVALNOTIFIER] The Following OWNERS Files Need Approval:
We suggest the following people:
Closing this, it should probably exist as an example outside contrib.
Example of etcd cluster via petsets