fix: avoid unnecessary headless endpoint mirrors cleanups during GC #12500
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
marwanad
force-pushed
the
avoid-headless-service-cleanup
branch
from
aa28959
to
635cb00
Compare
Signed-off-by: Marwan Ahmed <me@marwanad.com>
Signed-off-by: Marwan Ahmed <me@marwanad.com>
marwanad
force-pushed
the
avoid-headless-service-cleanup
branch
from
635cb00
to
73abc21
Compare
adleong
approved these changes
Apr 25, 2024
the-wondersmith
pushed a commit
to the-wondersmith/linkerd2
that referenced
this pull request
Apr 27, 2024
…inkerd#12500) Subject Fixes a bug where headless endpoint mirrors get cleaned up during GC Problem When GC is triggered (which also happens at startup or when the link watch disconnects), the service mirror controller attempts to look for services that can be GC'ed. This is done by looping through the local mirrored services on the cluster, then extracting the name of the original service in the remote (by dropping the target name suffix). However, this check doesn't account for the headless endpoint service mirrors (the per pod cluster IP services). For example, if you have nginx-svc in the west cluster and two replicas, the source cluster will end up with nginx-svc-west, nginx-set-0-west and nginx-set-1-west. The logic would then parse the resource name for the latter two services as nginx-set-0 and nginx-set-1 which won't exist on the remote and ends up deleting them as part of GC. The next sync would recreate those mirrors but you end up with downtime. Solution For those cases, instead of parsing the remote resource from the local service name, retrieve the info from the `mirror.linkerd.io/headless-mirror-svc-name` label. Validation Unit tests Fixes linkerd#12499 Signed-off-by: Marwan Ahmed <me@marwanad.com> Signed-off-by: Mark S <the@wondersmith.dev>
the-wondersmith
pushed a commit
to the-wondersmith/linkerd2
that referenced
this pull request
Apr 29, 2024
…inkerd#12500) Subject Fixes a bug where headless endpoint mirrors get cleaned up during GC Problem When GC is triggered (which also happens at startup or when the link watch disconnects), the service mirror controller attempts to look for services that can be GC'ed. This is done by looping through the local mirrored services on the cluster, then extracting the name of the original service in the remote (by dropping the target name suffix). However, this check doesn't account for the headless endpoint service mirrors (the per pod cluster IP services). For example, if you have nginx-svc in the west cluster and two replicas, the source cluster will end up with nginx-svc-west, nginx-set-0-west and nginx-set-1-west. The logic would then parse the resource name for the latter two services as nginx-set-0 and nginx-set-1 which won't exist on the remote and ends up deleting them as part of GC. The next sync would recreate those mirrors but you end up with downtime. Solution For those cases, instead of parsing the remote resource from the local service name, retrieve the info from the `mirror.linkerd.io/headless-mirror-svc-name` label. Validation Unit tests Fixes linkerd#12499 Signed-off-by: Marwan Ahmed <me@marwanad.com> Signed-off-by: Mark S <the@wondersmith.dev>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Subject
Fixes a bug where headless endpoint mirrors get cleaned up during GC
Problem
When GC is triggered (which also happens at startup or when the link watch disconnects), the service mirror controller attempts to look for services that can be GC'ed. This is done by looping through the local mirrored services on the cluster, then extracting the name of the original service in the remote (by dropping the target name suffix).
However, this check doesn't account for the headless endpoint service mirrors (the per pod cluster IP services). For example, if you have nginx-svc in the west cluster and two replicas, the source cluster will end up with nginx-svc-west, nginx-set-0-west and nginx-set-1-west. The logic would then parse the resource name for the latter two services as nginx-set-0 and nginx-set-1 which won't exist on the remote and ends up deleting them as part of GC.
The next sync would recreate those mirrors but you end up with downtime.
Solution
For those cases, instead of parsing the remote resource from the local service name, retrieve the info from the
mirror.linkerd.io/headless-mirror-svc-namelabel.Validation
Unit tests
Fixes #12499