-
Notifications
You must be signed in to change notification settings - Fork 38.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
kube-proxy: treat failure to bind to a port as fatal #89350
kube-proxy: treat failure to bind to a port as fatal #89350
Conversation
339a9c6
to
9e3b531
Compare
This PR may require API review. If so, when the changes are ready, complete the pre-review checklist and request an API review. Status of requested reviews is tracked in the API Review project. |
28e6fb5
to
626e9e3
Compare
/remove-area kubeadm |
/retest |
cmd/kube-proxy/app/server.go
Outdated
@@ -168,6 +168,7 @@ func (o *Options) AddFlags(fs *pflag.FlagSet) { | |||
fs.Var(utilflag.IPVar{Val: &o.config.BindAddress}, "bind-address", "The IP address for the proxy server to serve on (set to '0.0.0.0' for all IPv4 interfaces and '::' for all IPv6 interfaces)") | |||
fs.Var(utilflag.IPPortVar{Val: &o.config.HealthzBindAddress}, "healthz-bind-address", "The IP address with port for the health check server to serve on (set to '0.0.0.0:10256' for all IPv4 interfaces and '[::]:10256' for all IPv6 interfaces). Set empty to disable.") | |||
fs.Var(utilflag.IPPortVar{Val: &o.config.MetricsBindAddress}, "metrics-bind-address", "The IP address with port for the metrics server to serve on (set to '0.0.0.0:10249' for all IPv4 interfaces and '[::]:10249' for all IPv6 interfaces). Set empty to disable.") | |||
fs.BoolVar(&o.config.MetricsBindHardFail, "metrics-bind-hard-fail", o.config.MetricsBindHardFail, "If true kube-proxy will treat metrics bind failure as fatal and exit") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should we cover both metrics and healthz? E.g. --bind-address-hard-fail
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you very much @thockin ! I'll try to refactor my code.
cmd/kube-proxy/app/server.go
Outdated
@@ -595,6 +597,7 @@ func (s *ProxyServer) Run() error { | |||
s.Broadcaster.StartRecordingToSink(&v1core.EventSinkImpl{Interface: s.EventClient.Events("")}) | |||
} | |||
|
|||
errCh := make(chan error) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
comments? This seems out of place here, but if we handle both healthz and metrics, it makes more sense.
626e9e3
to
459dd73
Compare
/priority important-soon |
cmd/kube-proxy/app/server.go
Outdated
// Start up a healthz server if requested | ||
if s.HealthzServer != nil { | ||
s.HealthzServer.Run() | ||
s.HealthzServer.Run(errCh) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As a "pre-factoring", what would yo think about (in a commit of its own) making Run() be synchronous (take out the go
inside it) and making callers call it like:
go func() {
err := s.HealthzServer.Run()
if err != nil {
errCh <- err
}
}
Then when you add the hard fail, that just becomes a flag to Run(), instead of a constructor flag.
I can do this prefactoring if you prefer - this code is itching for some cleanups, but I wonder if I am clear in my goals?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As a starting example: https://github.com/kubernetes/kubernetes/compare/master...thockin:proxy-cleanup?expand=1
I'd like to see the same for metrics (moved to a function as much as possible).
Then error handling becomes passing errCh to those (or nil for not reporting errors)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks a lot @thockin !
Please feel free to do the prefactoring.
If you don't have the time, I can also pick it up (thank you for your starting example).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Rebased on #89654
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
#89654 merged.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
459dd73
to
a1751c3
Compare
/test pull-kubernetes-node-e2e |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Almost there!
cmd/kube-proxy/app/server.go
Outdated
// For historical reasons we do not abort on errors here. We may | ||
// change that in the future. | ||
klog.Errorf("healthz server failed: %v", err) | ||
klog.Errorf("starting healthz server failed: %v", err) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's not an error starting, it's an error. If the HTTP server starts and later fails, this path is hit. The original error string is correct
cmd/kube-proxy/app/server.go
Outdated
// change that in the future. | ||
klog.Errorf("healthz server failed: %v", err) | ||
klog.Errorf("starting healthz server failed: %v", err) | ||
if hardFail { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why not just test if errCh is nil or not - one less flag
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good idea!
// For historical reasons we do not abort on errors here. We may | ||
// change that in the future. | ||
utilruntime.HandleError(fmt.Errorf("starting metrics server failed: %v", err)) | ||
err = fmt.Errorf("starting metrics server failed: %v", err) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same comments as above
…ind to a port as fatal Signed-off-by: SataQiu <1527062125@qq.com>
a1751c3
to
871b90b
Compare
/test pull-kubernetes-integration |
kindly ping @thockin |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
/lgtm
/approve
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: SataQiu, thockin The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
…d to a port as fatal kubernetes/kubernetes#89350 Signed-off-by: Maxim Filatov <pipopolam@gmail.com>
…d to a port as fatal kubernetes/kubernetes#89350 Signed-off-by: Maxim Filatov <pipopolam@gmail.com>
What type of PR is this?
/kind feature
What this PR does / why we need it:
kube-proxy: treat failure to bind to a port as fatal
Which issue(s) this PR fixes:
Ref #89265
Special notes for your reviewer:
Does this PR introduce a user-facing change?:
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.: