Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

kubelet manages /etc/hosts file #16052

Merged
merged 1 commit into from
Oct 23, 2015
Merged

kubelet manages /etc/hosts file #16052

merged 1 commit into from
Oct 23, 2015

Conversation

ArtfulCoder
Copy link
Contributor

This implementation relies on moby/moby#14613

@ArtfulCoder
Copy link
Contributor Author

#14633
#15227

@ArtfulCoder ArtfulCoder added the sig/network Categorizes an issue or PR as relevant to SIG Network. label Oct 21, 2015
@ArtfulCoder
Copy link
Contributor Author

@thockin @bgrant0607

thockin
thockin reviewed Oct 21, 2015
View reviewed changes
pkg/kubelet/kubelet.go
}

func makeHostsMount(podDir, podIP, podName string) (*kubecontainer.Mount, error) {
hostsFilePath := path.Join(podDir, "hosts")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we call the file "etc-hosts" ?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed, added container name to it as well

@thockin
Copy link
Member

thockin commented Oct 21, 2015

nice fix. Waiting for e2e

@k8s-github-robot
Copy link

Labelling this PR as size/M

@k8s-github-robot k8s-github-robot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Oct 21, 2015
@k8s-bot
Copy link

k8s-bot commented Oct 21, 2015

GCE e2e test build/test passed for commit 77d170ac19a9d09d307da242e896d45a23039731.

bgrant0607
bgrant0607 reviewed Oct 21, 2015
View reviewed changes
pkg/kubelet/kubelet.go
@@ -955,8 +958,11 @@ func (kl *Kubelet) syncNodeStatus() {
}
}

func makeMounts(container *api.Container, podVolumes kubecontainer.VolumeMap) (mounts []kubecontainer.Mount) {
func (kl *Kubelet) makeMounts(pod *api.Pod, container *api.Container, podVolumes kubecontainer.VolumeMap) ([]kubecontainer.Mount, error) {
mountEtcHostsFile := !pod.Spec.SecurityContext.HostNetwork
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What does Docker do with /etc/hosts in the case of net=host?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It mounts the the host's /etc/hosts

On Wed, Oct 21, 2015 at 1:42 PM, Brian Grant notifications@github.com
wrote:

In pkg/kubelet/kubelet.go
#16052 (comment)
:

@@ -955,8 +958,11 @@ func (kl *Kubelet) syncNodeStatus() {
}
}

-func makeMounts(container *api.Container, podVolumes kubecontainer.VolumeMap) (mounts []kubecontainer.Mount) {
+func (kl *Kubelet) makeMounts(pod *api.Pod, container *api.Container, podVolumes kubecontainer.VolumeMap) ([]kubecontainer.Mount, error) {

  • mountEtcHostsFile := !pod.Spec.SecurityContext.HostNetwork

What does Docker do with /etc/hosts in the case of net=host?


Reply to this email directly or view it on GitHub
https://github.com/kubernetes/kubernetes/pull/16052/files#r42679420.

@ArtfulCoder
Copy link
Contributor Author

etchosts is per-container
added e2e
adding more e2e

@dchen1107
Copy link
Member

The current implementation is like this way: for a given pod, we re-write pod's /etc/hosts file completely when every container start / restart. Also at network container creation stage, there is no PodIP information yet. I am not sure this is the best solution.

What I proposed yesterday:

  1. Create pod based etc_hosts file at /var/lib/kubelet/pods/$pod_id directory and write whatever static content there including localhost.
  2. Every container creation stage, mount above file as volume
  3. After network container is creation, update pod's etcd_hosts file with pod ip information.

@dchen1107
Copy link
Member

Ok, talked to @ArtfulCoder offline. He changed this to per container based, not pod based, so that Kubelet won't overwrite the single file every container start / restart. The side effect is that we create an extra file for each container. I guess this should be ok.

@k8s-github-robot k8s-github-robot added size/L Denotes a PR that changes 100-499 lines, ignoring generated files. and removed size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Oct 21, 2015
@k8s-github-robot
Copy link

Labelling this PR as size/L

@k8s-bot
Copy link

k8s-bot commented Oct 21, 2015

GCE e2e test build/test passed for commit c9420095e3a2844db8591d3d02fb2f8c6620116f.

@ArtfulCoder
Copy link
Contributor Author

e2e added
Please review

thockin
thockin reviewed Oct 21, 2015
View reviewed changes
pkg/kubelet/kubelet.go
}

func makeHostsMount(podDir, podIP, podName, containerName string) (*kubecontainer.Mount, error) {
hostsFilePath := path.Join(podDir, fmt.Sprintf("%s-etc-hosts", containerName))
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we should not need a file per container - can we make the hosts file once after the pod is created and then use that for all of the container mounts?

@thockin
Copy link
Member

thockin commented Oct 21, 2015

A few small points, then LGTM

@k8s-bot
Copy link

k8s-bot commented Oct 21, 2015

GCE e2e test build/test passed for commit 716ea07b90fc4513edbdebb0783e4ed5ddec4c5d.

@ArtfulCoder
Copy link
Contributor Author

feedback incorporated.
PTAL

@thockin thockin added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Oct 22, 2015
@k8s-bot
Copy link

k8s-bot commented Oct 22, 2015

GCE e2e test build/test passed for commit 5b2f28d35ee913ad4541ee023b027c8f6c7d62c4.

@ArtfulCoder
Copy link
Contributor Author

fixing test issue found by shippable

dchen1107
dchen1107 reviewed Oct 22, 2015
View reviewed changes
pkg/kubelet/kubelet.go

func ensureHostsFile(fileName string, hostIP, hostName string) error {
if _, err := os.Stat(fileName); os.IsExist(err) {
glog.Errorf("File exits: %q", fileName)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: Shouldn't be Errorf here, right?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

s/exits/exists

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

but I agree with dawn - is this log line useful? It seems like V(4) at best

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

@thockin thockin removed the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Oct 22, 2015
dchen1107
dchen1107 reviewed Oct 22, 2015
View reviewed changes
pkg/kubelet/kubelet.go
@@ -955,8 +958,12 @@ func (kl *Kubelet) syncNodeStatus() {
}
}

func makeMounts(container *api.Container, podVolumes kubecontainer.VolumeMap) (mounts []kubecontainer.Mount) {
func (kl *Kubelet) makeMounts(pod *api.Pod, container *api.Container, podVolumes kubecontainer.VolumeMap) ([]kubecontainer.Mount, error) {
mountEtcHostsFile := !pod.Spec.SecurityContext.HostNetwork && len(pod.Status.PodIP) > 0
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please comment here: You only create etc_hosts file for containers meeting both requirements:

  1. not using host network. This is pretty straight-forward. But worth a comment to make sure other maintainer won't break this logic in the future.
  2. podIP is available already. This means network infrastructure container's etc_hosts file is different from rest of containers. It should be ok since that is a hidden container, and not used by the users anyway. But it is confusing. I did stair at it for a couple of minutes to figure it out. :-)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

@dchen1107
Copy link
Member

LGTM overall.Just some nits and comments.

@dchen1107
Copy link
Member

cc/ @yifan-gu on rkt side. Now Kubelet takes over container's /etc/hosts file, not sure if it breaks rkt's logic here.

@ArtfulCoder
Copy link
Contributor Author

feedback addressed.
PTAL

@yifan-gu
Copy link
Contributor

cc @jonboulle

@k8s-bot
Copy link

k8s-bot commented Oct 22, 2015

GCE e2e test build/test passed for commit ba6469d.

@yifan-gu
Copy link
Contributor

LGTM, shouldn't break rkt

@dchen1107
Copy link
Member

LGTM

@dchen1107 dchen1107 added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Oct 22, 2015
fgrzadkowski added a commit that referenced this pull request Oct 23, 2015
@fgrzadkowski
Merge pull request #16052 from ArtfulCoder/mount_etc_hosts
165169a 
kubelet manages /etc/hosts file
@fgrzadkowski fgrzadkowski merged commit 165169a into kubernetes:master Oct 23, 2015
@dchen1107 dchen1107 mentioned this pull request Oct 23, 2015
Closed
@ArtfulCoder
Copy link
Contributor Author

waiting on #16174 before cherry-picking

@ArtfulCoder ArtfulCoder mentioned this pull request Oct 26, 2015
Closed
ArtfulCoder added a commit to ArtfulCoder/kubernetes that referenced this pull request Oct 26, 2015
@ArtfulCoder
Merge branch 'automated-cherry-pick-of-kubernetes#16052-release-1.1' of
c4a2aad 
https://github.com/artfulcoder/kubernetes into today
@ArtfulCoder ArtfulCoder mentioned this pull request Oct 26, 2015
Merged
pmorie
pmorie reviewed Oct 28, 2015
View reviewed changes
pkg/kubelet/dockertools/manager.go
@@ -312,22 +312,6 @@ type containerStatusResult struct {

const podIPDownwardAPISelector = "status.podIP"

// podDependsOnIP returns whether any containers in a pod depend on using the pod IP via
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ArtfulCoder why did this change?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

because all pods depend on IP now.

@pmorie
Copy link
Member

pmorie commented Oct 29, 2015

@dchen1107

was the change to the downward API logic part of this PR? i don't understand.

@ArtfulCoder
Copy link
Contributor Author

@pmorie
There is no change in downward API
Kubelet now manages the /etc/hosts file for each pod.
Before this PR, /etc/hosts was managed by docker for each container.

We need the container's hostname and ip so that it can be included in the /etc/hosts file.
As a result, we now need to figure out the ip.

Hope that answers your question.

@pmorie
Copy link
Member

pmorie commented Oct 31, 2015

Thanks for the clarification @thockin

@borqosky borqosky mentioned this pull request Mar 2, 2016
Open
@danwinship danwinship mentioned this pull request May 5, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@dchen1107 dchen1107

Labels
lgtm "Looks good to me", indicates that a PR is ready to be merged. sig/network Categorizes an issue or PR as relevant to SIG Network. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet