-
Notifications
You must be signed in to change notification settings - Fork 38.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fixes crd per-version validation field path #84560
Fixes crd per-version validation field path #84560
Conversation
...apiextensions-apiserver/pkg/controller/nonstructuralschema/nonstructuralschema_controller.go
Outdated
Show resolved
Hide resolved
@sttts can you verify this will not trigger the dueling CRD condition messages? (this is the exact scenario the generation checking code was intended to protect against, but a verification would be good) |
bc0a784
to
65d2fe0
Compare
65d2fe0
to
0153473
Compare
currently the protection only works by checking whether the message is identical, which will not be helping the case where there are two apiservers writing different messages/conditions in HA setup: T0: for two apiservers in a cluster, one SVR1, the other SVR2 the condition will end up twiddling from TXT1 to TXT2, it can be even worse if the replicas are multiplied... |
This protects against updating condition more than once for the same generation: Lines 140 to 146 in b6bf0d6
|
condition is in status and does not modify metadata.generation |
@@ -112,7 +112,7 @@ func calculateCondition(in *apiextensions.CustomResourceDefinition) *apiextensio | |||
return cond | |||
} | |||
|
|||
pth := field.NewPath("spec", "version").Key(v.Name).Child("schema", "openAPIV3Schema") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this an associative list? if so I think keyed by name is at least a somewhat acceptable way to index it. (version->versions seems correct though.)
But how to avoid fighting with a prior apiserver during an upgrade?
I'm not a fan of our current mechanism at all, it seems super brittle. Changes like this one shouldn't be so fraught with danger :/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
field path is intended to output the jsonpath to the field, so this should be an index
But how to avoid fighting with a prior apiserver during an upgrade?
we already protected against that, I just wanted a sanity check the mechanism was working
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
field path is intended to output the jsonpath to the field, so this should be an index
Sounds like something that could (and therefore should) be tested...
the protection only works within one apiserver. in an HA setup where the replicas are partially upgraded, e.g. |
yes, though the normal HA replicas upgrade scenario which starts with M replicas in steady-state, then does a rolling upgrade to N replicas of the new version would only update the message a single time. |
@liggitt Why should index based errors cause more flapping than name based? I remember that we talked about flapping in the review, but I don't remember the reasoning for the current code. Or is it just this change which you fear will cause flapping? Sure it will, for a 3 node HA cluster this will cause max 6 updates of the condition, per CRD. That does not sound like a big deal IMO. |
It's not specific to index-based errors, this is just the first message change I'm aware of where we have old apiservers in play, and I wanted a double-check of our flapping mitigation.
Agree. |
any more action item required in this pull? |
/lgtm |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: liggitt, yue9944882 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/sig api-machinery
/kind bug
/cc @sttts @liggitt @kubernetes/sig-api-machinery-misc
found this when resolving CI failures for #84005 , i dont think there will be compatiblity issues if we reword it directly?