Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(kuma-cp) change exec probes to http #1407

Merged
merged 4 commits into from
Jan 18, 2021
Merged

chore(kuma-cp) change exec probes to http #1407

merged 4 commits into from
Jan 18, 2021

Conversation

jakubdyszkiewicz
Copy link
Contributor

Summary

This PR changes the way we probe Kuma DP sidecar.
So far we were using exec healthchecks and /ready endpoint on Admin API. Admin API is exposed only on loopback interface for security reasons.

This PR exposes /ready to the outside of the container, but only the /ready endpoint. This way we can change probe from exec to http

Reason

Containerd 1.4.0 had a bug of Pods being stuck at Terminating status when there was a container with exec probe.
awslabs/amazon-eks-ami#563

nickolaev
nickolaev approved these changes Jan 14, 2021
View reviewed changes
Copy link
Contributor

@nickolaev nickolaev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks great to me!

pkg/xds/generator/admin_proxy_generator.go Outdated
envoy_names "github.com/kumahq/kuma/pkg/xds/envoy/names"
)

// OriginPrometheus is a marker to indicate by which ProxyGenerator resources were generated.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: the comment is about OriginPrometheus -> OriginAdmin

@nickolaev nickolaev marked this pull request as ready for review January 14, 2021 16:09
@nickolaev nickolaev requested a review from a team as a code owner January 14, 2021 16:09
@nickolaev
Copy link
Contributor

Shall we backport?

lobkovilya
lobkovilya reviewed Jan 15, 2021
View reviewed changes
pkg/xds/generator/admin_proxy_generator.go
})
}

resources.Add(&core_xds.Resource{
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need this cluster if proxy.Dataplane.Spec.GetNetworking().Address == "127.0.0.1"?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, because we may still use it for Prometheus

@jakubdyszkiewicz jakubdyszkiewicz merged commit c1fa394 into master Jan 18, 2021
@jakubdyszkiewicz jakubdyszkiewicz deleted the chore/expose-admin-endpoints branch January 18, 2021 16:07
mergify bot pushed a commit that referenced this pull request Jan 18, 2021
@jakubdyszkiewicz
chore(kuma-cp) change exec probes to http (#1407)
e32afa4 
Signed-off-by: Jakub Dyszkiewicz <[email protected]>
(cherry picked from commit c1fa394)
@mergify mergify bot mentioned this pull request Jan 18, 2021
Merged
jakubdyszkiewicz pushed a commit that referenced this pull request Jan 19, 2021
@mergify
chore(kuma-cp) change exec probes to http (#1407)
fad311e 
Signed-off-by: Jakub Dyszkiewicz <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lobkovilya lobkovilya lobkovilya approved these changes

@nickolaev nickolaev nickolaev approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jakubdyszkiewicz @nickolaev @lobkovilya