Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

improvement(neutronapi): Enhance readiness probe to verify SSL certificate presenceAdd #403

Open
wants to merge 2 commits into
base: main
Choose a base branch
from

Conversation

son-vyas
Copy link

improvement(neutronapi): Enhance readiness probe to verify SSL certificate presence

  • Updated the existing readiness probe in the Neutron API deployment to check for the presence of the internal.crt SSL certificate before marking the pod as ready.
  • Applied the SSL certificate check to the HTTPD container as well, ensuring secure traffic handling.
  • Improved the deployment reliability by ensuring that pods are only marked as ready when they have the necessary SSL certificates in place.

…api statefulsets

With the default PodManagementPolicy: OrderedReadyPodManagement the statefulset controller will only progress pods when the previous/current pod is ready or terminated.

When service configuration changes while the pod is starting and the new configuration requires e.g. additional volume mounts the initial pod will never reach ready and therefore an update won't happen.

With ParallelPodManagement the statefulset controller will not wait for pods to be ready or complete termination.
@openshift-ci openshift-ci bot requested review from karelyatin and slawqo August 29, 2024 15:08
Copy link
Contributor

openshift-ci bot commented Aug 29, 2024

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: son-vyas
Once this PR has been reviewed and has the lgtm label, please assign slawqo for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

Copy link

Build failed (check pipeline). Post recheck (without leading slash)
to rerun all jobs. Make sure the failure cause has been resolved before
you rerun jobs.

https://softwarefactory-project.io/zuul/t/rdoproject.org/buildset/c6d35c339463410d8a48bffb7e5e6d3c

openstack-k8s-operators-content-provider FAILURE in 8m 11s
⚠️ neutron-operator-tempest-multinode SKIPPED Skipped due to failed job openstack-k8s-operators-content-provider

@son-vyas son-vyas force-pushed the add_podmanagement_policy branch from 95db72b to 882c6c8 Compare August 29, 2024 15:29
…icate presence

- Updated the existing readiness probe in the Neutron API deployment to check for the presence of the internal.crt SSL certificate before marking the pod as ready.
- Applied the SSL certificate check to the HTTPD container as well, ensuring secure traffic handling.
- Improved the deployment reliability by ensuring that pods are only marked as ready when they have the necessary SSL certificates in place.
@son-vyas son-vyas force-pushed the add_podmanagement_policy branch from 882c6c8 to 585e0b1 Compare August 29, 2024 15:30
Copy link
Contributor

openshift-ci bot commented Aug 29, 2024

@son-vyas: The following tests failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/functional 585e0b1 link true /test functional
ci/prow/neutron-operator-build-deploy-kuttl 585e0b1 link true /test neutron-operator-build-deploy-kuttl
ci/prow/precommit-check 585e0b1 link true /test precommit-check

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Copy link

Build failed (check pipeline). Post recheck (without leading slash)
to rerun all jobs. Make sure the failure cause has been resolved before
you rerun jobs.

https://softwarefactory-project.io/zuul/t/rdoproject.org/buildset/8ee46fddd2e44d5ca2177e3938b3b670

openstack-k8s-operators-content-provider FAILURE in 8m 48s
⚠️ neutron-operator-tempest-multinode SKIPPED Skipped due to failed job openstack-k8s-operators-content-provider

@slawqo
Copy link
Contributor

slawqo commented Sep 4, 2024

This requires more work as CI failures looks like definitely related to that patch

@openshift-merge-robot
Copy link
Collaborator

PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants