managedFields options are very verbose, making kubectl usage a bit painful #90066
Comments
/sig cli
Hi @howardjohn. I understand that this is a voluminous field. The team has discussed this issue multiple times, but we've decided that the information provided is useful for users. First, feel free to read this blog post, which explains what it does and why it's here: https://kubernetes.io/blog/2020/04/01/kubernetes-1.18-feature-server-side-apply-beta-2/ Also, I could have emphasized in the blog how the fields can be used to "blame" (à la git-blame) the changes made to an object. For example, you can use it to see what and when a controller adds or changes a specific field of an object. It's also a great way to learn the intricate ways of Kubernetes and understand its asynchronous behavior (the service account controller adds the service account token volume to a pod, the "neg-status" label is set asynchronously by the neg controller, etc.). I hope that helps, and thank you for the feedback!
I would like to propose that command
While I agree the output is verbose, kubectl tries very hard to be as transparent as possible when outputting what the server returns in json/yaml format. Introspecting/manipulating particular fields in the response could be done if absolutely required, but is less than ideal.
I find that everyday workflows like At first I thought that hiding it by default in
Same here, please make it opt-in.
I also think showing managed fields could be optional.
I think it should be possible to suppress it, so I can "export" resources as YAML and use them for other purposes. So, opt-out. Didn't we have something like
I feel that this is a good place to recommend using a plugin to clean up resources: kubectl neat https://github.com/itaysk/kubectl-neat
@towolf there was a
@itaysk I found your plugin and I really like it. However, to have
The kubectl-neat plugin seems to solve this issue quite elegantly. Would it be possible to integrate
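For readers unfamiliar with what such a cleanup plugin does, here is a rough sketch of the idea: drop server-managed metadata (managedFields, the client-side-apply annotation, etc.) before re-serializing an object. This is illustrative pseudocode in Python, not kubectl-neat's actual implementation, and the set of fields dropped here is a simplified assumption.

```python
# Illustrative sketch of neat-style cleanup: remove noisy, server-managed
# metadata from a Kubernetes object dict. Not the actual plugin code.
import json

NOISY_METADATA = ("managedFields", "generation", "resourceVersion", "uid")

def neat(obj: dict) -> dict:
    """Return a copy of a Kubernetes object with noisy metadata removed."""
    cleaned = json.loads(json.dumps(obj))  # cheap deep copy
    meta = cleaned.get("metadata", {})
    for key in NOISY_METADATA:
        meta.pop(key, None)
    # The client-side-apply annotation is also very verbose.
    annotations = meta.get("annotations", {})
    annotations.pop("kubectl.kubernetes.io/last-applied-configuration", None)
    if not annotations:
        meta.pop("annotations", None)
    return cleaned

deploy = {
    "metadata": {
        "name": "demo",
        "managedFields": [{"manager": "kubectl", "operation": "Apply"}],
        "annotations": {"kubectl.kubernetes.io/last-applied-configuration": "{...}"},
    },
    "spec": {"replicas": 1},
}
print(json.dumps(neat(deploy), indent=2))
```

The cleaned object keeps only the fields a user would want to re-apply, which is why this approach works well for "export"-style workflows.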
I don't believe that kubectl should decide which fields people think are important or not. kubectl is implemented to display the object as it is received from the server. What we could do is print the
No, that's worse. And again unwieldy, like the thing this replaced.
True, but giving users a way to filter out the information they don't need would significantly improve the user experience.
I hear you all. Do you all agree that this isn't the only field that could benefit from at least a less prominent location, if not outright hiding? The primary risk in hiding fields is in accidentally causing some workflow that eventually updates an object to then delete the hidden fields. That shouldn't be an issue for this particular field (depending on how much we obscure), but it would definitely be an issue for some other fields. How much of the problem is in
I'm also a little reluctant to filter fields in
maybe hide it only in
Describe should definitely not show this (except maybe the update timestamp). Does it right now? If so, that's a bug.
Sorry, I didn't check.
Kubernetes 1.18:
Great, that's what I expected. We should probably make it show the most recent update timestamp; I don't think we added that yet.
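The "most recent update timestamp" suggested above can be derived from the managedFields entries themselves, since each entry records the manager and the `time` of its last write. Here is a small sketch of that derivation; the entries and timestamps below are made-up examples, not real cluster output.

```python
# Sketch: derive an object's most recent update time from its
# managedFields entries. Each entry may carry a `time` (RFC 3339).
# The sample data is fabricated for illustration.
from datetime import datetime

managed_fields = [
    {"manager": "kubectl-client-side-apply", "time": "2020-04-01T10:00:00Z"},
    {"manager": "kube-controller-manager", "time": "2020-04-02T08:30:00Z"},
]

def last_update(entries):
    """Return the latest `time` across managedFields entries, or None."""
    times = [
        datetime.fromisoformat(e["time"].replace("Z", "+00:00"))
        for e in entries
        if "time" in e
    ]
    return max(times) if times else None

print(last_update(managed_fields))  # latest manager write wins
```

This is essentially what a `describe`-style summary line could show instead of the full field list.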
I'm quite new to k8s. You can disable managedFields; it is behind a feature gate that is currently in beta. I'd encourage you not to disable it, because the documentation says:
I've done a little test disabling it in a minikube env and it worked as expected. I did it just for learning purposes.
@mcginne sorry for the delay.
Correct.
Do you have an issue opened with more data?
I haven't raised a separate issue yet, as there was some discussion on the performance impact between @lavalamp and @wojtek-t here #90066 (comment), and it sounded like this overhead was necessary for correctness. I can raise a separate issue about the performance impact if folks think there is some scope for improvement.
The managedFields metadata is not useful to us, and it's very verbose. kubernetes/kubernetes#90066 (comment)
I've installed kubectl version
@max-rocket-internet it is targeted for 1.21, see #96878 for details.
What is the delta between this and #96878? There is a comment in the PR saying this issue should remain open after the merge. What else are we missing?
Managed fields are still downloaded; they are stripped by the client. We could possibly omit them server-side.
Just another data point. We were seeing our mutating webhooks take up to 15s, which is crazy; it should typically be milliseconds. The root cause was managedFields. Simply removing the managedFields from our patching logic dropped the slow requests to ~500ms (the bad case was a config near etcd size limits, so much slower than normal). istio/istio#34799
Yeah, this is the sort of thing I'm really concerned about, not the output of
But is "my patch computation is very slow because it looks at the entire object instead of just the subset that is actually relevant" really something to reasonably blame on the existence of managed fields?
Sort of? I mean, it worked fine up until managedFields were added, then it (subtly) started behaving really slowly without changes on our side. I am not here to say "managedFields are bad" or anything, just that they negatively impacted us in this niche edge case, and they may negatively impact others who have similar logic. If they do, I hope they see this comment and the fix (https://github.com/istio/istio/pull/34805/files#diff-e57c2ab4e6af0f24e7285fad8ec9fe8b688fad1350b6d6c405f75a067d65e0dcR723) and can spend less time figuring out what is going on.
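The shape of that fix can be sketched independently of Istio's code: strip `metadata.managedFields` from the object before it feeds into patch computation, so the payload being diffed and sent shrinks dramatically. This is an illustrative Python sketch under that assumption, not the actual Istio (Go) change; the object and sizes below are fabricated.

```python
# Sketch of the mitigation discussed above: drop metadata.managedFields
# before serializing an object into patch/update logic. The sample
# object is fabricated; real managedFields lists can be far larger.
import json

def strip_managed_fields(obj: dict) -> dict:
    """Return a copy of the object without metadata.managedFields."""
    slim = json.loads(json.dumps(obj))  # cheap deep copy
    slim.get("metadata", {}).pop("managedFields", None)
    return slim

obj = {
    "metadata": {
        "name": "big-config",
        # Stand-in for the hundreds of lines a real cluster can produce.
        "managedFields": [
            {"manager": f"m{i}", "fieldsV1": {"f:data": {}}} for i in range(50)
        ],
    },
    "data": {"key": "value"},
}

before = len(json.dumps(obj))
after = len(json.dumps(strip_managed_fields(obj)))
print(before, after)  # the stripped payload is a fraction of the original
```

Anything downstream that diffs or re-serializes the whole object (webhooks, client-side patch computation) benefits proportionally to how much of the object was managedFields.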
It is correct to blame managed fields. Any change that increases payload sizes by at least 2x, and commonly 3x, will directly produce performance degradation. I assume this was clear to the engineers who designed and implemented this, and that they felt the benefits outweighed the costs. Myself, I can't really see any tangible benefit. The downsides, such as poor developer and user experience and the performance impact, have been reported by dozens of users and are clear. This is pretty frustrating.
Until we can upgrade Kubernetes to 1.21+, I'm using
I recognize this is closed, but here are my two cents anyway: managedFields is an implementation detail. It has nothing to do with my assertion of some resource. I feel this functionality could have been implemented at least partially if git had been incorporated into the backend of k8s. As it stands, the resource that gets applied/created is manipulated in inconsistent ways: some status data shows up in the status block, other status data occurs inside the metadata section, and yet other parts are overwritten/added/removed via webhooks, etc. I see the value in the information; I'm not at all convinced that this is the smartest way to store or convey it. managedFields as currently implemented makes using k8s more difficult. It is meaningless implementation babble and it chews up bandwidth. There has never been a case where I've found this data useful. I'm sure it might be to some, but for me, no:
The reason many solutions die is that this kind of well-intentioned bloat creeps in (look at XML as an example). The average user has to contend with what is essentially baffling esoterica so that an elite few get to know which field in a resource was changed. A lot of what I read about Apply has to do with limitations in the HTTP verbs (GET, PUT, HEAD, POST, DELETE) used to convey state changes from client to server. This current approach is broken.
Thanks for the feedback. What do you think specifically is broken?
It sounds like it's been annoying to you, when has this been the case specifically?
Feel free to open a bug with the steps to reproduce, I'd love to take a look.
You might like to read about how it's intended to be used: https://kubernetes.io/blog/2022/10/20/advanced-server-side-apply/
Thanks for this. It clarifies server-side apply and its benefits. Can this be achieved without dumping managed fields into the metadata? Could each resource have a sibling managedFields resource that is only retrieved upon request? In the same way that finalizers or timestamps are added, a ref to managedFields could be added.
There is no other place that is universal to all Kubernetes objects. We also can't move this, since SSA has been GA for quite some time. Client-side apply maintained a "lastAppliedAnnotation", which is also in metadata and wasn't very pretty either, btw.
Recently (1.18?) a new field was added to configs, managedFields. This is incredibly verbose, which makes kubectl commands like `-oyaml` and `edit` painful. For example, on a random deployment I have looked at, the entire `kubectl get deployment -oyaml` output is 640 lines; managed fields make up over half of that, with 358 lines. I am not sure if it's feasible to mitigate this somehow without breaking server side apply or other features, but it would be useful if possible. One possible idea would be to just hide it from kubectl commands, but I am not sure of the impact of that. The goal of this issue is mostly to bring awareness that this causes some user pain and see if we can improve that a bit.
Version: