Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

kubectl wait ensures observedGeneration >= generation #97408

Merged
merged 2 commits into from Feb 3, 2021
Merged

kubectl wait ensures observedGeneration >= generation #97408

merged 2 commits into from Feb 3, 2021

Conversation

KnicKnic
Copy link
Contributor

What type of PR is this?

/kind feature

What this PR does / why we need it:
Ensures that kubectl wait checks observedGeneration >= generation of the object before completing if observedGeneration exists (on either .status.conditions or .status).

Why is this needed:
script does the following

  1. kubectl to update a CRD
    1. This causes a condition to go from True -> False when the controller will update the status
  2. kubectl to wait for CRD to return condition True

However if the controller that updates the status has yet to realize the change and reset it to false by the time step 2 runs, kubectl will return immediately as the condition reflects stale state.

Which issue(s) this PR fixes:

Fixes kubernetes/kubectl#962

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

kubectl wait ensures that observedGeneration >= generation if applicable

@k8s-ci-robot k8s-ci-robot added release-note Denotes a PR that will be considered when it comes time to generate release notes. kind/feature Categorizes issue or PR as related to a new feature. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Dec 20, 2020
@k8s-ci-robot
Copy link
Contributor

@KnicKnic: This issue is currently awaiting triage.

If a SIG or subproject determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot
Copy link
Contributor

Hi @KnicKnic. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@k8s-ci-robot k8s-ci-robot added needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. labels Dec 20, 2020
@k8s-ci-robot k8s-ci-robot added area/kubectl sig/cli Categorizes an issue or PR as relevant to SIG CLI. and removed do-not-merge/needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. labels Dec 20, 2020
@KnicKnic KnicKnic changed the title wait ensures observedGeneration >= generation kubectl wait ensures observedGeneration >= generation Dec 20, 2020
@pwittrock
Copy link
Member

/ok-to-test

@k8s-ci-robot k8s-ci-robot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Jan 5, 2021
@KnicKnic
Copy link
Contributor Author

KnicKnic commented Jan 6, 2021

/retest

@eddiezane
Copy link
Member

/assign @brianpursley

@eddiezane
Copy link
Member

/assign @seans3

@brianpursley
Copy link
Member

@KnicKnic See kubernetes/kubectl#962 (comment). I'm trying to understand the scenario where the current wait functionality doesn't work. Can you provide an example?

@KnicKnic
Copy link
Contributor Author

KnicKnic commented Jan 8, 2021
edited

@KnicKnic See kubernetes/kubectl#962 (comment). I'm trying to understand the scenario where the current wait functionality doesn't work. Can you provide an example?

I originally replied, here, I have moved the post to kubernetes/kubectl#962 (comment)

@brianpursley
Copy link
Member

Thank you for the very detailed explanation @KnicKnic . I think it makes sense and illustrates the problem.

So basically whenever there is an observedGeneration < generation then you know there is some change pending that hasn't been observed yet. You can't be 100% certain that whatever change is pending is relevant to what you are waiting for, but by waiting for the observed generation to catch up to the generation, then you can know that you are looking at the latest status conditions and avoid a potential "false positive" when waiting for that condition.

It looks like your PR will handle cases where the resource might not have an observedGeneration (that's good), or in case where the observedGeneration is either at the status or the condition level.

I see that observedGeneration is at the status level for deployments, replicasets, and statefulsets. I am not aware of where it is at the condition level. I don't have a problem with that per-se, but would want to get others opinions if this is introducing a new convention that is not already in use. Feel free to correct me if I am wrong about this, because I'm just not too familiar with observedGeneration.

Aside from that, I think this seems like an OK change. It looks like you might be missing a test case around testing when observedGeneration is on status, not condition (I'll leave a comment in the review).

I'd like to hear some of the other reviewers chime in with their thoughts on this.

@KnicKnic
Copy link
Contributor Author

I see that observedGeneration is at the status level for deployments, replicasets, and statefulsets. I am not aware of where it is at the condition level. I don't have a problem with that per-se, but would want to get others opinions if this is introducing a new convention that is not already in use. Feel free to correct me if I am wrong about this, because I'm just not too familiar with observedGeneration.

@brianpursley observedGeneration is used in kubernetes(itself) on a condition in not many places
storageVersion uses it -

kubernetes/staging/src/k8s.io/apiserver/pkg/storageversion/updater.go

Line 64 in 4efd564

ObservedGeneration: sv.Generation,

apiMachinery uses it -

kubernetes/staging/src/k8s.io/apimachinery/pkg/api/meta/conditions.go

Line 54 in a69a4a4

existingCondition.ObservedGeneration = newCondition.ObservedGeneration

One thing about allowing observedgeneration to be different per condition. It allows 2 scenarios (that I can think of).

  1. If a CRD has conditions that can be queried quickly, and those that can be queried slowly (to build the state). It allows the controller to quickly bump the quick conditions & their observedGeneration and bump the other ones slower.
    1. This allows quick updates for quick conditions
  2. It allows a controller to be split up and have multiple actors act upon a single crd. Each can update their conditions seperately

My scenarios was that I am using ApiMachinery conditions for my controller so I should respect the observedGeneration in those objects. Also to future proof against 1 & 2.

@KnicKnic
Copy link
Contributor Author

I see that observedGeneration is at the status level for deployments, replicasets, and statefulsets. I am not aware of where it is at the condition level. I don't have a problem with that per-se, but would want to get others opinions if this is introducing a new convention that is not already in use. Feel free to correct me if I am wrong about this, because I'm just not too familiar with observedGeneration.

@brianpursley observedGeneration is used in kubernetes(itself) on a condition in not many places
storageVersion uses it -

kubernetes/staging/src/k8s.io/apiserver/pkg/storageversion/updater.go

Line 64 in 4efd564

ObservedGeneration: sv.Generation,

apiMachinery uses it -

kubernetes/staging/src/k8s.io/apimachinery/pkg/api/meta/conditions.go

Line 54 in a69a4a4

existingCondition.ObservedGeneration = newCondition.ObservedGeneration

One thing about allowing observedgeneration to be different per condition. It allows 2 scenarios (that I can think of).

  1. If a CRD has conditions that can be queried quickly, and those that can be queried slowly (to build the state). It allows the controller to quickly bump the quick conditions & their observedGeneration and bump the other ones slower.

    1. This allows quick updates for quick conditions

  2. It allows a controller to be split up and have multiple actors act upon a single crd. Each can update their conditions seperately

My scenarios was that I am using ApiMachinery conditions for my controller so I should respect the observedGeneration in those objects. Also to future proof against 1 & 2.

@dixudx @pwittrock Any thoguhts?

@KnicKnic
Copy link
Contributor Author

@brianpursley
ObservedGeneration is in the template recommended by sig machinery for conditions to help standardize usage of conditions. see KEP https://github.com/kubernetes/enhancements/tree/master/keps/sig-api-machinery/1623-standardize-conditions . The actual implementation is at

kubernetes/staging/src/k8s.io/apimachinery/pkg/apis/meta/v1/types.go

Lines 1369 to 1374 in 77b194a

// observedGeneration represents the .metadata.generation that the condition was set based upon.
// For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
// with respect to the current state of the instance.
// +optional
// +kubebuilder:validation:Minimum=0
ObservedGeneration int64 `json:"observedGeneration,omitempty" protobuf:"varint,3,opt,name=observedGeneration"`

@brianpursley
Copy link
Member

@KnicKnic Thanks, I see that now. I guess I didn't notice that b/c it is in so many other Status types and only one place there.

Given that ObservedGeneration can occur at both Status and Condition and it looks like you're handling both cases, I think this looks fine.

/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Jan 28, 2021
@KnicKnic
Copy link
Contributor Author

/assign @seans3

seans3
seans3 approved these changes Feb 3, 2021
View reviewed changes
Copy link
Contributor

@seans3 seans3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

Thanks for investing in the tests.

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: brianpursley, KnicKnic, seans3

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 3, 2021
@eddiezane
Copy link
Member

/retest

I think these failures are from Docker Hub rate limiting?

I'm still getting caught up from a break so not sure if this has been encountered recently.

cc @spiffxp @BenTheElder @thejoycekung

https://prow.k8s.io/view/gs/kubernetes-jenkins/pr-logs/pull/97408/pull-kubernetes-conformance-kind-ga-only-parallel/1357023665123758080

https://prow.k8s.io/view/gcs/kubernetes-jenkins/pr-logs/pull/97408/pull-kubernetes-node-e2e/1357023665153118208/

@KnicKnic
Copy link
Contributor Author

KnicKnic commented Feb 3, 2021

/retest

@k8s-ci-robot k8s-ci-robot merged commit af8594f into kubernetes:master Feb 3, 2021
@k8s-ci-robot k8s-ci-robot added this to the v1.21 milestone Feb 3, 2021
@vincepri vincepri mentioned this pull request May 5, 2021
Closed
@Racer159 Racer159 mentioned this pull request Jul 3, 2023
Closed
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brianpursley brianpursley brianpursley approved these changes

@seans3 seans3 seans3 approved these changes

@dixudx dixudx Awaiting requested review from dixudx

@pwittrock pwittrock Awaiting requested review from pwittrock

Assignees

@brianpursley brianpursley

@seans3 seans3

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/kubectl cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. kind/feature Categorizes issue or PR as related to a new feature. lgtm "Looks good to me", indicates that a PR is ready to be merged. needs-priority Indicates a PR lacks a `priority/foo` label and requires one. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/cli Categorizes an issue or PR as relevant to SIG CLI. size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
v1.21
Development

Successfully merging this pull request may close these issues.

wait should leverage observedGeneration
6 participants
@KnicKnic @k8s-ci-robot @pwittrock @eddiezane @brianpursley @seans3