fix potential memory leak issue in processing watch request #85410
Conversation
k8s-ci-robot
added
kind/bug
|
Hi @answer1991. Thanks for your PR. I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
the
needs-ok-to-test
answer1991
force-pushed
the
bugfix/memory-leak-in-watch
branch
from
47f1a9c
to
9db7d48
Compare
k8s-ci-robot
added
area/apiserver
sig/api-machinery
|
/ok-to-test |
k8s-ci-robot
added
priority/backlog
|
/lgtm Let's cherry pick this back. Thanks! |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: answer1991, lavalamp The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
Doesn't the kubernetes/staging/src/k8s.io/apiserver/pkg/endpoints/handlers/get.go Lines 252 to 262 in 81af5ba |
answer1991
force-pushed
the
bugfix/memory-leak-in-watch
branch
from
9db7d48
to
192a718
Compare
k8s-ci-robot
removed
the
lgtm
| @@ -591,6 +591,7 @@ func TestWatchHTTPErrors(t *testing.T) { | |||
| } | |||
|
|
|||
| s := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { | |||
| defer watcher.Stop() | |||
There was a problem hiding this comment.
Why is this addition needed ?
There was a problem hiding this comment.
watcher.Stop has moved to serveWatch function. The test codes now is tricky, but I have not found a better way to call watcher.Stop in test codes.
There was a problem hiding this comment.
But you're stopping the watcher on any request, instead of just the relevant ones.
|
/hold Let me refactor codes again. |
|
I had already improved the PR, many thanks for a review. BTW, I do not think it's a bug any more, as the real kubernetes/staging/src/k8s.io/apiserver/pkg/storage/cacher/cacher.go Lines 1360 to 1376 in c97baa3 |
answer1991
force-pushed
the
bugfix/memory-leak-in-watch
branch
from
b337933
to
1393679
Compare
|
@answer1991 - the test failure seems related |
|
The tests passed in my environment. Let me try run test again, if also failed let me debug try to resolve it :-P /test pull-kubernetes-bazel-test |
answer1991
force-pushed
the
bugfix/memory-leak-in-watch
branch
from
1393679
to
b911aa6
Compare
k8s-ci-robot
removed
the
do-not-merge/hold
|
/lgtm Thanks! |
k8s-ci-robot
added
the
lgtm
|
I ran the new test after reverting the change to staging/src/k8s.io/apiserver/pkg/endpoints/handlers/watch.go The test still passed. |
|
Yes, it is. As we dose not test kubernetes/staging/src/k8s.io/apiserver/pkg/endpoints/watch_test.go Lines 611 to 624 in 1fd2137 If we use the older method to ServeHTTP, then the test case s := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
if preServeErr != nil {
responsewriters.ErrorNegotiated(preServeErr, watchServer.Scope.Serializer, watchServer.Scope.Kind.GroupVersion(), w, req)
return
}
watchServer.ServeHTTP(w, req)
}))
defer s.Close() |
|
With the above modification: I would expect that existing tests would pass. |
|
If you want existing tests would pass, you should call Call |
| @@ -64,6 +64,8 @@ func (w *realTimeoutFactory) TimeoutCh() (<-chan time.Time, func() bool) { | |||
| // serveWatch will serve a watch response. | |||
| // TODO: the functionality in this method and in WatchServer.Serve is not cleanly decoupled. | |||
| func serveWatch(watcher watch.Interface, scope *RequestScope, mediaTypeOptions negotiation.MediaTypeOptions, req *http.Request, w http.ResponseWriter, timeout time.Duration) { | |||
| defer watcher.Stop() | |||
There was a problem hiding this comment.
Hi @answer1991 , why do we need this when we already have the watcher to be closed after timeout in cacheWatcher.process().
|
+1 on #85410 (comment) |
|
It's part of 1.18, so with 1.19 out, we can just cherrypick it to 1.17. But that sounds reasonable to me. @answer1991 - can you please open 1.17 cherrypick? |
|
@wojtek-t sure, is there any automated command in github to help do this? or should I cherry-pick it manually? |
Automated cherry pick of #85410: fix potential memory leak issue in processing watch request
|
I thought I heard that our policy now is to support the previous 3 minor releases. |
|
Isn't it that starting with 1.19 we will be supporting a release for 1 year? So it will be effectively 4 releases, but when 1.19 will become the oldest one? |
|
I see I remembered wrong. https://kubernetes.io/docs/setup/release/version-skew-policy/#supported-versions has the statement. So 1.17 is the oldest supported one now. |
What type of PR is this?
/kind bug
What this PR does / why we need it:
Fix API Server potential memory leak issue in processing watch request
Which issue(s) this PR fixes:
Related Issue: #84001
Related PR: #84693
Special notes for your reviewer:
After #84693 picked, API Server processing watch request still may leak memory(does not stop watcher).
Does this PR introduce a user-facing change?:
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:
None