Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Separate Direct and Indirect streaming paths, implement indirect path for CRI #36020

Merged
merged 1 commit into from
Nov 4, 2016
Merged

Separate Direct and Indirect streaming paths, implement indirect path for CRI #36020

merged 1 commit into from
Nov 4, 2016

Conversation

timstclair
Copy link

@timstclair timstclair commented Nov 1, 2016
edited

This PR refactors the pkg/kubelet/container.Runtime interface to remove the ExecInContainer, PortForward and AttachContainer methods. Instead, those methods are part of the DirectStreamingRuntime interface which all "legacy" runtimes implement. I also added an IndirectStreamingRuntime which handles the redirect path and is implemented by CRI runtimes. To control the size of this PR, I did not fully setup the indirect streaming path for the dockershim, so I left legacy path behind.

Most of this PR is moving & renaming associated with the refactoring. To understand the functional changes, I suggest tracing the code from getExec in pkg/kubelet/server/server.go, which calls GetExec in pkg/kubelet/kubelet_pods.go to determine whether to follow the direct or indirect path.

For #29579

/cc @kubernetes/sig-node

This change is Reviewable

@timstclair timstclair added the release-note-none Denotes a PR that doesn't merit a release note. label Nov 1, 2016
@timstclair timstclair added this to the v1.5 milestone Nov 1, 2016
@k8s-github-robot k8s-github-robot added the size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. label Nov 1, 2016
@yujuhong
Copy link
Contributor

yujuhong commented Nov 2, 2016

Reviewed 11 of 20 files at r1.
Review status: 11 of 26 files reviewed at latest revision, 7 unresolved discussions, some commit checks failed.

pkg/kubelet/kubelet_pods.go, line 1134 at r1 (raw file):

      return nil, err
  }
  podUID = kl.podManager.TranslatePodUID(podUID)

I'm fine with moving the function call here, but we should be careful and make sure that all outward facing methods call this function. Ideally we should just use a wrapper for all host method to ensure translation is done. This is out of the scope for the current PR though.

pkg/kubelet/container/runtime.go, line 124 at r1 (raw file):

}

type DirectStreamingRuntime interface {

Add comment for the interface.

pkg/kubelet/container/runtime.go, line 135 at r1 (raw file):

}

type IndirectStreamingRuntime interface {

Add comment for the interface.

pkg/kubelet/container/runtime.go, line 138 at r1 (raw file):

  GetExec(id ContainerID, cmd []string, stdin, stdout, stderr, tty bool) (*url.URL, error)
  GetAttach(id ContainerID, stdin, stdout, stderr bool) (*url.URL, error)
  GetPortForward(podFullName string, podUID types.UID) (*url.URL, error)

Can we not use podFullName? It's not very well-defined. "UID" or "name+namespace" is preferred. e

pkg/kubelet/dockertools/docker_manager.go, line 267 at r1 (raw file):

      imageStatsProvider:     newImageStatsProvider(client),
      seccompProfileRoot:     seccompProfileRoot,
  }

Need to ensure that docker manager implements DirectStreamingRuntime now that it's not part of the Runtime interface.
Add var _ kubecontainer.DirectStreamingRuntime = &DockerManager{} to the beginning of the file.

pkg/kubelet/kuberuntime/kuberuntime_manager.go, line 116 at r1 (raw file):

  kubecontainer.Runtime
  kubecontainer.IndirectStreamingRuntime
  kubecontainer.ContainerCommandRunner

include kubecontainer.DirectStreamingRuntime since we still keep the old methods.

pkg/kubelet/rkt/rkt.go, line 278 at r1 (raw file):

      return nil, fmt.Errorf("rkt: cannot get config from rkt api service: %v", err)
  }

Need to ensure that rkt implements DirectStreamingRuntime now that it's not part of the Runtime interface.
Add var _ kubecontainer.DirectStreamingRuntime = &Runtime{} to the beginning of the file.

Comments from Reviewable

@yujuhong
Copy link
Contributor

yujuhong commented Nov 2, 2016

Made the first pass. Most changes seem reasonable/straightforward. The cleanup of RunInContainer is nice. Will take a closer look later. Look forward to the next PR where legacy methods get deleted.

@k8s-github-robot k8s-github-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Nov 2, 2016
@timstclair
Copy link
Author

Thanks, addressed all comments.

Review status: 11 of 26 files reviewed at latest revision, 7 unresolved discussions, some commit checks failed.

pkg/kubelet/kubelet_pods.go, line 1134 at r1 (raw file):

Previously, yujuhong (Yu-Ju Hong) wrote…

I'm fine with moving the function call here, but we should be careful and make sure that all outward facing methods call this function. Ideally we should just use a wrapper for all host method to ensure translation is done. This is out of the scope for the current PR though.

I double checked that all the places I removed `TranslatePodUID(...)` from call findContainer, and don't use the PodUID for anything else. TranslatePodUID should be idempotent, so if it's called by mistake before calling findContainer it won't be an issue. Agree about leveraging the type system to keep track of this transformation, filed https://github.com//issues/36031

pkg/kubelet/container/runtime.go, line 124 at r1 (raw file):

Previously, yujuhong (Yu-Ju Hong) wrote…

Add comment for the interface.

Done.

pkg/kubelet/container/runtime.go, line 135 at r1 (raw file):

Previously, yujuhong (Yu-Ju Hong) wrote…

Add comment for the interface.

Done.

pkg/kubelet/container/runtime.go, line 138 at r1 (raw file):

Previously, yujuhong (Yu-Ju Hong) wrote…

Can we not use podFullName? It's not very well-defined. "UID" or "name+namespace" is preferred. e

Agreed. Done.

pkg/kubelet/dockertools/docker_manager.go, line 267 at r1 (raw file):

Previously, yujuhong (Yu-Ju Hong) wrote…

Need to ensure that docker manager implements DirectStreamingRuntime now that it's not part of the Runtime interface.
Add var _ kubecontainer.DirectStreamingRuntime = &DockerManager{} to the beginning of the file.

Done.

pkg/kubelet/kuberuntime/kuberuntime_manager.go, line 116 at r1 (raw file):

Previously, yujuhong (Yu-Ju Hong) wrote…

include kubecontainer.DirectStreamingRuntime since we still keep the old methods.

Done.

pkg/kubelet/rkt/rkt.go, line 278 at r1 (raw file):

Previously, yujuhong (Yu-Ju Hong) wrote…

Need to ensure that rkt implements DirectStreamingRuntime now that it's not part of the Runtime interface.
Add var _ kubecontainer.DirectStreamingRuntime = &Runtime{} to the beginning of the file.

Done.

Comments from Reviewable

feiskyer
feiskyer reviewed Nov 2, 2016
View reviewed changes
pkg/kubelet/container/runtime.go
type IndirectStreamingRuntime interface {
GetExec(id ContainerID, cmd []string, stdin, stdout, stderr, tty bool) (*url.URL, error)
GetAttach(id ContainerID, stdin, stdout, stderr bool) (*url.URL, error)
GetPortForward(podName, podNamespace string, podUID types.UID) (*url.URL, error)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Where is port? Is it handled somewhere else?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unfortunately the ports aren't included in the initial request, so without some changes to the client API we don't have that information here. I left a TODO here to deal with it later.

feiskyer
feiskyer reviewed Nov 2, 2016
View reviewed changes
pkg/kubelet/rkt/rkt.go
@@ -181,6 +181,7 @@ type Runtime struct {
}

var _ kubecontainer.Runtime = &Runtime{}
var _ kubecontainer.DirectStreamingRuntime = &Runtime{}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Have a question: is there any initialization problem of assigning kubecontainer.DirectStreamingRuntime in both dockertools and rkt package?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is just asserting that &Runtime{} implements the kubecontainer.DirectStreamingRuntime interface. Nothing is being assigned.

@yujuhong
Copy link
Contributor

yujuhong commented Nov 2, 2016

LGTM

@timstclair timstclair force-pushed the klet-stream branch 2 times, most recently from e83318a to 2273427 Compare November 2, 2016 18:28
@timstclair
Copy link
Author

Squashed & rebased.

@timstclair timstclair removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Nov 2, 2016
@yujuhong yujuhong added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Nov 2, 2016
@timstclair
Copy link
Author

Added comment to fix hack/verify-golint.sh. Reapplying LGTM.

@timstclair timstclair added lgtm "Looks good to me", indicates that a PR is ready to be merged. and removed lgtm "Looks good to me", indicates that a PR is ready to be merged. labels Nov 2, 2016
@euank euank mentioned this pull request Nov 2, 2016
Closed
@euank
Copy link
Contributor

euank commented Nov 2, 2016

@k8s-bot verify test this issue: #36110

@euank
Copy link
Contributor

euank commented Nov 3, 2016
edited

@timstclair

W1102 16:39:56.277] Errors from golint:
W1102 16:39:56.277] pkg/kubelet/util/format/pod.go:36:1: comment on exported function PodDesc should be of the form "PodDesc ..."
W1102 16:39:56.277] 
W1102 16:39:56.278] Please fix the above errors. You can test via "golint" and commit the result.
W1102 16:39:56.278]

Belated LGTM with that comment fix too, I gave it a go and got it the exec part of it at least to work e2e for me.

@timstclair
Copy link
Author

Thanks, fixed. Reapplying LGTM (trivial comment change).

@timstclair timstclair added lgtm "Looks good to me", indicates that a PR is ready to be merged. and removed lgtm "Looks good to me", indicates that a PR is ready to be merged. labels Nov 3, 2016
@timstclair
Copy link
Author

@k8s-bot verify test this

@euank euank mentioned this pull request Nov 3, 2016
Merged
@timstclair timstclair removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Nov 3, 2016
@timstclair
Copy link
Author

I still can't tell what's failing, but I tried cleaning up the unkeyed field warnings.

@k8s-ci-robot
Copy link
Contributor

Jenkins unit/integration failed for commit fc34165f964b087ea02ed19ebf4896599caffc65. Full PR test history.

The magic incantation to run this job again is @k8s-bot unit test this. Please help us cut down flakes by linking to an open flake issue when you hit one in your PR.

@k8s-ci-robot
Copy link
Contributor

Jenkins GCE e2e failed for commit fc34165f964b087ea02ed19ebf4896599caffc65. Full PR test history.

The magic incantation to run this job again is @k8s-bot cvm gce e2e test this. Please help us cut down flakes by linking to an open flake issue when you hit one in your PR.

@k8s-ci-robot
Copy link
Contributor

Jenkins GKE smoke e2e failed for commit fc34165f964b087ea02ed19ebf4896599caffc65. Full PR test history.

The magic incantation to run this job again is @k8s-bot cvm gke e2e test this. Please help us cut down flakes by linking to an open flake issue when you hit one in your PR.

@k8s-ci-robot
Copy link
Contributor

Jenkins GCI GKE smoke e2e failed for commit fc34165f964b087ea02ed19ebf4896599caffc65. Full PR test history.

The magic incantation to run this job again is @k8s-bot gci gke e2e test this. Please help us cut down flakes by linking to an open flake issue when you hit one in your PR.

@k8s-ci-robot
Copy link
Contributor

Jenkins GCE Node e2e failed for commit fc34165f964b087ea02ed19ebf4896599caffc65. Full PR test history.

The magic incantation to run this job again is @k8s-bot node e2e test this. Please help us cut down flakes by linking to an open flake issue when you hit one in your PR.

@k8s-ci-robot
Copy link
Contributor

Jenkins GCE etcd3 e2e failed for commit fc34165f964b087ea02ed19ebf4896599caffc65. Full PR test history.

The magic incantation to run this job again is @k8s-bot gce etcd3 e2e test this. Please help us cut down flakes by linking to an open flake issue when you hit one in your PR.

@k8s-ci-robot
Copy link
Contributor

Jenkins Kubemark GCE e2e failed for commit fc34165f964b087ea02ed19ebf4896599caffc65. Full PR test history.

The magic incantation to run this job again is @k8s-bot kubemark e2e test this. Please help us cut down flakes by linking to an open flake issue when you hit one in your PR.

@timstclair
Copy link
Author

Hmm, that seemed to fix the verify error. Squashed the commit. PTAL.

@yujuhong yujuhong added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Nov 3, 2016
@euank euank mentioned this pull request Nov 3, 2016
Merged
@k8s-ci-robot
Copy link
Contributor

Jenkins GCI GCE e2e failed for commit 86d849e. Full PR test history.

The magic incantation to run this job again is @k8s-bot gci gce e2e test this. Please help us cut down flakes by linking to an open flake issue when you hit one in your PR.

@yujuhong
Copy link
Contributor

yujuhong commented Nov 3, 2016

@k8s-bot gci gce e2e test this

@k8s-github-robot
Copy link

@k8s-bot test this [submit-queue is verifying that this PR is safe to merge]

@k8s-github-robot
Copy link

Automatic merge from submit-queue

@k8s-github-robot k8s-github-robot merged commit f787cea into kubernetes:master Nov 4, 2016
@yujuhong yujuhong mentioned this pull request Nov 4, 2016
Merged
k8s-github-robot pushed a commit that referenced this pull request Nov 4, 2016
Merge pull request #36189 from euank/kubelet-nolog-redir
3cdf8bb 
Automatic merge from submit-queue

kubelet: don't print httplogs for redirects

Goes with #36020, but can merge independently.

cc @timstclair
@yujuhong
Copy link
Contributor

yujuhong commented Nov 4, 2016

@timstclair I think this PR broke the CRI tests.
https://k8s-gubernator.appspot.com/build/kubernetes-jenkins/logs/kubelet-cri-gce-e2e-ci/842

Liveness probe for "liveness-exec_e2e-tests-container-probe-zs8nq(a47cd450-a2d2-11e6-bc63-42010a800007):liveness" errored: rpc error: code = 2 desc = not implemented

I should've triggered the CRI tests with @k8s-bot cri test this. My bad. Will look into this after the meeting.

@feiskyer
Copy link
Member

feiskyer commented Nov 5, 2016

Liveness probe for "liveness-exec_e2e-tests-container-probe-zs8nq(a47cd450-a2d2-11e6-bc63-42010a800007):liveness" errored: rpc error: code = 2 desc = not implemented

@timstclair Will this issue be fixed by #36253?

@Random-Liu Random-Liu mentioned this pull request Nov 5, 2016
Merged
@Random-Liu
Copy link
Member

Random-Liu commented Nov 5, 2016
edited

@timstclair Will this issue be fixed by #36253?

Just saw your comment. Yeah, it seems so. But I've already sent a quick fix #36274. Haha

k8s-github-robot pushed a commit that referenced this pull request Nov 5, 2016
Merge pull request #36274 from Random-Liu/fix-cri-streaming
8fff58c 
Automatic merge from submit-queue

CRI: Add remote streaming implementation.

Fixes the cri test failure introduced in #36020.

@yujuhong @timstclair @feiskyer 
/cc @kubernetes/sig-node
@rhcarvalho rhcarvalho mentioned this pull request Nov 6, 2016
Merged
This was referenced Dec 2, 2016
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@feiskyer feiskyer feiskyer left review comments

Assignees

@yujuhong yujuhong

Labels
lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note-none Denotes a PR that doesn't merit a release note. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.
Projects
None yet
Milestone
v1.5
Development

Successfully merging this pull request may close these issues.

None yet
9 participants
@timstclair @yujuhong @euank @k8s-ci-robot @k8s-github-robot @feiskyer @Random-Liu @googlebot @tallclair