added cleanup policy for deployments #8691
Conversation
stevekuznetsov
changed the title
You need notifications on add, not update or delete. |
No, the work queue will be retriggered when it observes the next add. |
Probably none of those to start. Retry forever on a very slow interval isn't too bad. |
You can manually kick off new deployments. You should have unit tests for your sync loop and probably an integration test for a series actual cleanups. |
|
@deads2k: the man with all the answers. coming to a theatre near you ... |
| // TODO: determine what to do here - should we allow manual fetch using the client calls? | ||
| } | ||
|
|
||
| deploymentConfig := obj.(*deployapi.DeploymentConfig) |
There was a problem hiding this comment.
If deploymentConfig.Spec.RevisionHistoryLimit == nil does everything beyond this point become unnecessary work?
There was a problem hiding this comment.
Yes. I can exit early if the work to fetch the deployments is going to be time-intensive. Currently that nil check occurs at the
if actual, max := len(deployments), deploymentConfig.Spec.RevisionHistoryLimit; max != nil && actual > *maxline
|
Here are the knobs for Is the proposed API here intentionally kept simpler than the |
@Kargakis pointed me to an upstream implementation of this concept, which used the reduced API. I'm not opposed to making it more complicated especially as the extra complexity is simple to add on top of the controller framework. |
stevekuznetsov
force-pushed
the
skuznets/deployment-cleanup
branch
2 times, most recently
from
6b83514
to
c7739df
Compare
|
I don't think we need a separate controller for this |
I don't think rolling this into the existing controller would make the system easier to reason about |
stevekuznetsov
force-pushed
the
skuznets/deployment-cleanup
branch
from
c7739df
to
5d912d8
Compare
|
@ironcladlou RevisionHistoryLimit supersedes prune deployments, that's true. |
Why not? Cleanup should be best-effort at best. |
Separating this out from the main controller:
Since this controller doesn't rely on any knowledge that is contained in the existing controller, I don't see a reason to combine them. |
It should be best effort, but it should also be separate. I want it to be impossible for someone writing bad cleanup code to mess up one of our core controllers. I'm not seeing why I would want to link these together. I don't see any shared information. |
|
So we already have 5 controllers for handling deployments. Coupled with the fact that the main controller already has all the information available to cleanup older deployments, I dont think I will ever consider having an additional controller just for this. It adds unnecessary maintainance and performance burden. The upstream controller has handled cleaning up fine so far. |
This is really just a filter.
I don't have any data available to back this up but I would guess an additional process is more expensive than none. What is the cost of launching a new controller? What impact does it have to the whole system?
This is really a concern for the main controller.
We are in the middle of integrating with upstream deployments. What happens if a deployment is eligible to be handled in the upstream controller? Both controllers will try to clean it up? What happens if a cluster is running only kubernetes deployments? We are launching a separate process for nothing? |
|
Are there any other examples of controllers handling different parts of the spec for a single resource? |
|
So..... I had a question. Why wouldn't we just run |
|
We split service account maintenance tasks across multiple controllers to make each one easier to reason about. |
I don't have a vested interest either way, but I'd guess that making use of existing caches to avoid full lists of every RC and DC in the system is preferable. It also keeps it closer to being in sync. |
Eventually we need the field for a faithful conversion with upstream. But a controller for running a loop that deletes replication controllers with zero replicas seems like an overkill. |
|
I don't think that's measurable in the scheme of things, and this is way On Apr 29, 2016, at 6:29 PM, David Eads [email protected] wrote: Why wouldn't we just run oc prune deployments in a container, in a bash for I don't have a vested interest either way, but I'd guess that making use of — |
|
Cleaning up after making sure the deploymentconfig has been reconciled is what makes sense to me. Having the cleanup running asynchronously in a separate process is a source of bugs waiting to happen. |
|
We already have a process, pattern, and documentation for this. Prune
should respect the policy, but I see little reason to reinvent this
wheel until we are much further along. If you solve pruning
images/builds/deployments on a schedule, you solve an actual problem
our customers have now.
|
stevekuznetsov
force-pushed
the
skuznets/deployment-cleanup
branch
from
bc4b617
to
4f3b46d
Compare
|
Utility method with side-effects ... we should try not to do this. |
|
will squash on green [test]s |
stevekuznetsov
force-pushed
the
skuznets/deployment-cleanup
branch
from
9dd67c8
to
e2158b0
Compare
|
Test passed, @Kargakis ready for a look |
| // if cleanup policy is set but no successful deployments have happened, there will be | ||
| // no active deployment. We can consider all of the deployments in this case except for | ||
| // the latest one | ||
| return deployments[:len(deployments)-1] |
There was a problem hiding this comment.
You need to make sure the last deployment is indeed the latest one. Otherwise, you are disregarding a possible candidate.
There was a problem hiding this comment.
The sort above accomplishes this, and it only exists there for the express purpose of this line
There was a problem hiding this comment.
You have a dc with version=5 and there are only 4 deployments (new is yet to be created). Last deployment is not the latest and is subject to cleanup policy.
stevekuznetsov
force-pushed
the
skuznets/deployment-cleanup
branch
from
e2158b0
to
e147ea8
Compare
Good catch |
|
LGTM [merge] |
Only took four hours of head scratching and questioning my sanity to find it, too ... |
|
|
@Kargakis conversions seem to generate fine locally... hmmm |
The new RevisionHistoryLimit field on a DeploymentConfig allows users to indicate how many old ReplicationControllers they would like OpenShift to keep around to allow for roll- backs. This field intentionally is less powerful than those in `oadm prune` as it drives an administrative cluster task rather than a user-focused task like `prune`. Signed-off-by: Steve Kuznetsov <[email protected]>
stevekuznetsov
force-pushed
the
skuznets/deployment-cleanup
branch
from
e147ea8
to
95d647c
Compare
|
Had to get a more up to date rebase in, @Kargakis genned code should be fine now |
|
Evaluated for origin test up to 95d647c |
|
continuous-integration/openshift-jenkins/test FAILURE (https://ci.openshift.redhat.com/jenkins/job/test_pr_origin/6168/) |
|
[merge] |
|
#9195 [merge] |
|
#8701 [merge] |
|
#9775 [merge] |
|
continuous-integration/openshift-jenkins/merge SUCCESS (https://ci.openshift.redhat.com/jenkins/job/test_pr_origin/6268/) (Image: devenv-rhel7_4586) |
|
@stevekuznetsov you are going to hit all flakes there are :) #8427 [merge] |
|
Evaluated for origin merge up to 95d647c |
|
🎉 |
|
🎊 🎆 |
This PR adds past deployment cleanup to the
DeploymentControllerwhich ensures that we don't have too many replication controllers lying around after deployment configurations evolve.fixes #6731
/cc https://bugzilla.redhat.com/show_bug.cgi?id=1312433
Part of https://trello.com/c/Mljldox7/643-5-deployments-downstream-support-for-upstream-features
@Kargakis @deads2k PTAL