Ignore and potentially prevent reporting container status for not-existing containers #124915
Labels
kind/bug
Categorizes issue or PR as related to a bug.
needs-triage
Indicates an issue or PR lacks a `triage/foo` label and requires one.
sig/node
Categorizes an issue or PR as relevant to SIG Node.
Projects
What happened?
Some third party controllers may report the Container Status for containers that are not defined in a pod spec. This may lead to inconsistencies in codebase and ideally needs to be blocked.
We see this with the admiraltyio/admiralty#206, but there may be more examples like this since k8s never checked for consistency of statuses to specs.
What did you expect to happen?
As mentioned: #124906 (review) usages of container statuses needs to be reviewed and in most places we should start ignoring statuses for non-existing containers.
How can we reproduce it (as minimally and precisely as possible)?
Update the Pod Status with the container status for the container that doesn't exist:
Anything else we need to know?
/sig node
Kubernetes version
Cloud provider
OS version
Install tools
Container runtime (CRI) and version (if applicable)
Related plugins (CNI, CSI, ...) and versions (if applicable)
The text was updated successfully, but these errors were encountered: