Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replace kubernetes mount code with utils #8056

Merged
merged 1 commit into from
Jan 10, 2020
Merged

Replace kubernetes mount code with utils #8056

merged 1 commit into from
Jan 10, 2020

Conversation

justinsb
Copy link
Member

@justinsb justinsb commented Dec 7, 2019
edited
Loading

This will remove one of the main dependencies on the kubernetes/kubernetes repo.

@k8s-ci-robot k8s-ci-robot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. labels Dec 7, 2019
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: justinsb

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Dec 7, 2019
@justinsb justinsb force-pushed the move_to_utils_mount branch 2 times, most recently from f138687 to aa0b0df Compare December 8, 2019 13:42
@justinsb justinsb changed the title WIP: Replace kubernetes mount code with utils Replace kubernetes mount code with utils Dec 8, 2019
@k8s-ci-robot k8s-ci-robot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Dec 8, 2019
@geojaz
Copy link
Member

geojaz commented Dec 16, 2019

None of us love k/k deps, but right now, someone else is theoretically taking care of this for us. Are we gaining anything other than a somewhat smaller binary?
I'm not opposed to simplifying deps. But even here, there are bits and pieces that are out of sync (boilerplates, spacings, renames, etc), that seem to increase our scope. Feel free to educate me :)

@johngmyers
Copy link
Member

/test pull-kops-verify-staticcheck

@justinsb
Copy link
Member Author

@geojaz you're quite right - I should have pointed out the big problem. It was removed from k/k in kubernetes/kubernetes#81843 . It's also vastly overcomplicated for what we're actually using it for, so I think it's a net win for us, even if our hand is being forced.

@hakman
Copy link
Member

hakman commented Dec 28, 2019

I see Protokube is using nsenter for running systemd commands. Seems to me that most of the namespace changing job is done by starting the Protokube container as privileged in parent pid namespace.
I did some experiments at some point and, replacing nsenter with a simple chroot worked fine. Maybe it's worth exploring at some point.

kops/nodeup/pkg/model/protokube.go

Lines 226 to 228 in 0b52b99

"--net=host",
"--pid=host", // Needed for mounting in a container (when using systemd mounting?)
"--privileged", // We execute in the host namespace

@justinsb
Copy link
Member Author

@hakman that is interesting ... and maybe we can simplify things further. If I recall correctly, the complexities are whether the filesystem namespace is the same and whether there are helpers we need to run (e.g. mkfs.ext4). As it stands, this should be mostly importing just the bits of the k/k code we need (I think), and then maybe we can try to simplify it?

I think protokube isn't actually doing much with mounting any more (for users that are running recent k8s), because most of the mounting is now done in etcd-manager. etcd-manager actually has an easier problem because we don't need the volume to be visible outside the pod because it runs etcd in the same pod (though that does have its own challenges, like having to ship multiple etcd versions). So it would be good to look into simplifying this code!

@justinsb
Replace kubernetes mount code with utils
fc21f42 
This will remove one of the main dependencies on the
kubernetes/kubernetes repo.
@rifelpet
Copy link
Member

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jan 10, 2020
@k8s-ci-robot k8s-ci-robot merged commit 1e4b284 into kubernetes:master Jan 10, 2020
@k8s-ci-robot k8s-ci-robot added this to the v1.18 milestone Jan 10, 2020
@rifelpet rifelpet mentioned this pull request Feb 26, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@joshbranham joshbranham Awaiting requested review from joshbranham

@robinpercy robinpercy Awaiting requested review from robinpercy

Assignees

@rifelpet rifelpet

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.
Projects
None yet
Milestone
v1.18
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@justinsb @k8s-ci-robot @geojaz @johngmyers @hakman @rifelpet