-
Notifications
You must be signed in to change notification settings - Fork 4.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Post deployment hook cpod does not share network namespace with main pod #10603
Comments
Using the servicename instead of localhost works, as I assume the endpoint is already there, but then this means that the deployment has finished when doing the post-deployment hook. |
@jorgemoralespou I don't see any post-hook defined in your template.
Have you noticed something different? We are waiting for pods to become ready before executing the post-hook. I don't think we are doing anything for configuring network namespaces for the deployer pods. @mfojtik @smarterclayton @knobunc got any ideas on this? |
@Kargakis true. Had the changes not commited. You can see it here: https://raw.githubusercontent.com/jorgemoralespou/ose3-parks/6dfdc2f8394d8673d8ae92dd5b5ec7acad461a34/ose3/application-template-wildfly.json In any case, what I see is that this is executed as a new pod, and hence there is no way that network namespace can be shared with main pod, unless something is done ad-hoc. I think there is an issue (#9924) that could change how post-deployment hooks work in that instead of launching a new pod would launch a container in the same pod, which make more sense, as all the namespaces and filesystem would be shared by default. Also, the quota for pod (when available) could help on defining proper limits. Right now the post-deployment takes all the same quota (or is BestEffort) while it should be quoted and counted against the pod that executes the post-deployment IMHO. |
If you want to deeply control the deployment process, use a custom
deployment. Hook pods are for when you need to run code that is
easily made independent of the deployment process.
If you can't do it with a custom deployment, describe why and we'll
try to address that.
|
@smarterclayton I guess you haven't read the thread. What I want is to be able to install data in the database from a post deployment hook, but instead of executing a script to sed the database connecting remotely i want to call my app (in localhost) to do it, since this is a common practice in javaland |
That would be what you can do in a custom deployment. The only |
@smarterclayton then what are post deployment hooks for? This should be the easy way to solve things. It's just a matter of whether this is a new pod or a container attached and removed to the main pod. IMHO |
Not the same thing, really. You can't mix run once pods and run So your options are
If this is an app that can tolerate > 1 instance of your app, exec pod |
@smarterclayton can you describe option 3. Sorry for my ignorance. As a note, and I think we've already talked about this, launching a Also being able to mix in a pod a runonce container could be helpful in El 25 ago. 2016 1:26, "Clayton Coleman" notifications@github.com escribió:
|
We could in some future release add a "exec in" hook that invokes exec
If you need to start your entire JVM to run DB tests, then your
Execute process in container is worse - that means every pod in your We will not be adding the ability to dynamically add / remove
I don't think requests per pod will solve this problem. Adding an
It won't happen (we've said we will not do it for various reasons) so
If all your hooks depend on a "main pod" to work you're probably |
Would doing a curl http://localhost:8080/ws/load be one of those things that could produce a big overhead into the container? This is one of the places I see more confusion on users of our platform, how to best do capacity planning and limit enforcement for the workloads. SO far, most of the users (a.k.a customers) I know, use Best effort containers. In an ideal world, when users would use the 3 QoS for containers (end within time) to pods, I think there will need to account for whatever is executed in the containers and hooks as these are part of the application (otherwise they would not be implemented as hooks, but as something else, like jobs or ...). And about adding/removing containers to pods, I was mentioning this as an option cause it's been brought up in many discussions around builds with @bparees. To be honest, I still don't see a reason (as you haven't explained them) why having a runonce container in a pod is a problem and why it will not be solved. In any case, as I said, for this issue, I can use servicename to access networking on the main application pod instead of localhost. Now I understand is working as designed, although not properly documented. I'll close this issue, since it seems not to be one, but I'll keep bugging on the "hooks" should run in the pod not in a different pod. |
Would doing a curl http://localhost:8080/ws/load Probably not. So an exec may be reasonable for your use case. Although You could also use a postStart pod hook. This is one of the places I see more confusion on users of our platform, In an ideal world, when users would use the 3 QoS for containers (end I don't think that's the case - hook execution for some people might be And about adding/removing containers to pods, I was mentioning this as an It's been discussed, but there are lots of reasons not to do it (it changes To be honest, I still don't see a reason (as you haven't explained them) kubernetes/kubernetes#127 (comment) We've continually reinforced that decision via other additions (pod level In any case, as I said, for this issue, I can use servicename to access I'll close this issue, since it seems not to be one, but I'll keep bugging Open one for "ExecInContainer" |
I have a post-deployment hook that want to connect to the application being started in a container in the main pod (the deployment) but it's failing to connect.
If I get into the main pod's container and do
curl http://localhost:8080/xxx
I get a response, while from the post-deployment hook I get a curl errorcurl: (7) Failed connect to 127.0.0.1:8080; Connection refused
Version
1.3.0-alpha.3
Steps To Reproduce
Current Result
Failed to connect
Expected Result
Connect succesful
Additional Information
This is 100% reproducible. Since I have set por the post deployment hook Retry, at the end the post-deployment ends in CrashLoop which is also strange
cc/ @Kargakis
The text was updated successfully, but these errors were encountered: