From 35b4d6df25612370bca40cf9f0ff52c92d719fe3 Mon Sep 17 00:00:00 2001 From: Xuecheng Date: Thu, 15 Sep 2022 07:15:16 -0700 Subject: [PATCH] add nodeName check before ota update Signed-off-by: Xuecheng --- pkg/yurthub/otaupdate/ota.go | 16 +++++++++++----- pkg/yurthub/otaupdate/ota_test.go | 2 +- pkg/yurthub/server/server.go | 2 +- 3 files changed, 13 insertions(+), 7 deletions(-) diff --git a/pkg/yurthub/otaupdate/ota.go b/pkg/yurthub/otaupdate/ota.go index 18d3048e529..3b8f3bcfb96 100644 --- a/pkg/yurthub/otaupdate/ota.go +++ b/pkg/yurthub/otaupdate/ota.go @@ -65,13 +65,13 @@ func GetPods(clientset kubernetes.Interface, nodeName string) http.Handler { } // UpdatePod update a specifc pod(namespace/podname) to the latest version -func UpdatePod(clientset kubernetes.Interface) http.Handler { +func UpdatePod(clientset kubernetes.Interface, nodeName string) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { params := mux.Vars(r) namespace := params["ns"] podName := params["podname"] - err, ok := applyUpdate(clientset, namespace, podName) + err, ok := applyUpdate(clientset, namespace, podName, nodeName) if err != nil { returnErr(fmt.Errorf("Apply update failed"), w, http.StatusInternalServerError) return @@ -85,16 +85,22 @@ func UpdatePod(clientset kubernetes.Interface) http.Handler { } // applyUpdate execute pod update process by deleting pod under OnDelete update strategy -func applyUpdate(clientset kubernetes.Interface, namespace, podName string) (error, bool) { +func applyUpdate(clientset kubernetes.Interface, namespace, podName, nodeName string) (error, bool) { pod, err := clientset.CoreV1().Pods(namespace).Get(context.TODO(), podName, metav1.GetOptions{}) if err != nil { klog.Errorf("Get pod %v/%v failed, %v", namespace, podName, err) return err, false } - // Pod will not be updated while it's being deleted + // Pod will not be updated when it's being deleted if pod.DeletionTimestamp != nil { - klog.Infof("Pod %v/%v is deleting, can not update", namespace, podName) + klog.Infof("Pod %v/%v is deleting, can not be updated", namespace, podName) + return nil, false + } + + // Pod will not be updated when it's not running on the current node + if pod.Spec.NodeName != nodeName { + klog.Infof("Pod: %v/%v is running on %v, can not be updated", namespace, podName, pod.Spec.NodeName) return nil, false } diff --git a/pkg/yurthub/otaupdate/ota_test.go b/pkg/yurthub/otaupdate/ota_test.go index 74e3a8a29bb..d53e4e04a28 100644 --- a/pkg/yurthub/otaupdate/ota_test.go +++ b/pkg/yurthub/otaupdate/ota_test.go @@ -122,7 +122,7 @@ func TestUpdatePod(t *testing.T) { req = mux.SetURLVars(req, vars) rr := httptest.NewRecorder() - UpdatePod(clientset).ServeHTTP(rr, req) + UpdatePod(clientset, "").ServeHTTP(rr, req) assert.Equal(t, test.expectedCode, rr.Code) assert.Equal(t, test.expectedData, rr.Body.String()) diff --git a/pkg/yurthub/server/server.go b/pkg/yurthub/server/server.go index d4ed80fe4a1..8f87fa37c15 100644 --- a/pkg/yurthub/server/server.go +++ b/pkg/yurthub/server/server.go @@ -174,7 +174,7 @@ func registerHandlers(c *mux.Router, cfg *config.YurtHubConfiguration, certifica // register handler for ota upgrade c.Handle("/pods", ota.GetPods(clientset, nodeName)).Methods("GET") - c.Handle("/openyurt.io/v1/namespaces/{ns}/pods/{podname}/upgrade", ota.UpdatePod(clientset)).Methods("POST") + c.Handle("/openyurt.io/v1/namespaces/{ns}/pods/{podname}/upgrade", ota.UpdatePod(clientset, nodeName)).Methods("POST") } // healthz returns ok for healthz request