Skip to content

Commit

Permalink
Skips checking for readiness on CNI DEL (and instead warns)
Browse files Browse the repository at this point in the history
Because deletes should favor a successful path, the readiness check should be skipped for pod removals.

This can cause an issue where there's pods pending deletes and that might impact scheduling of a pod that may be necessary in order to set the readiness indicator.

Adds a new method  to check for readiness indicator alone in order to immediately log a warning.
  • Loading branch information
dougbtv committed Feb 21, 2024
1 parent 53a68c3 commit 3197182
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 5 deletions.
9 changes: 7 additions & 2 deletions pkg/multus/multus.go
Original file line number Diff line number Diff line change
Expand Up @@ -815,8 +815,13 @@ func CmdDel(args *skel.CmdArgs, exec invoke.Exec, kubeClient *k8s.ClientInfo) er
}

if in.ReadinessIndicatorFile != "" {
if err := types.GetReadinessIndicatorFile(in.ReadinessIndicatorFile); err != nil {
return cmdErr(k8sArgs, "PollImmediate error waiting for ReadinessIndicatorFile (on del): %v", err)
readinessfileexists, err := types.ReadinessIndicatorExistsNow(in.ReadinessIndicatorFile)
if err != nil {
return cmdErr(k8sArgs, "error checking readinessindicatorfile on CNI DEL @ %v: %v", in.ReadinessIndicatorFile, err)
} else {

Check warning on line 821 in pkg/multus/multus.go

View workflow job for this annotation

GitHub Actions / test (1.21.x, ubuntu-latest)

if block ends with a return statement, so drop this else and outdent its block

Check warning on line 821 in pkg/multus/multus.go

View workflow job for this annotation

GitHub Actions / test (1.20.x, ubuntu-latest)

if block ends with a return statement, so drop this else and outdent its block
if !readinessfileexists {
logging.Verbosef("warning: readinessindicatorfile @ %v does not exist on CNI DEL", in.ReadinessIndicatorFile)
}
}
}

Expand Down
26 changes: 23 additions & 3 deletions pkg/types/conf.go
Original file line number Diff line number Diff line change
Expand Up @@ -20,11 +20,10 @@ import (
"fmt"
"net"
"os"
"path/filepath"
"strings"
"time"

utilwait "k8s.io/apimachinery/pkg/util/wait"

"github.com/containernetworking/cni/libcni"
"github.com/containernetworking/cni/pkg/skel"
cni100 "github.com/containernetworking/cni/pkg/types/100"
Expand Down Expand Up @@ -610,11 +609,32 @@ func CheckSystemNamespaces(namespace string, systemNamespaces []string) bool {
}

// GetReadinessIndicatorFile waits for readinessIndicatorFile
func GetReadinessIndicatorFile(readinessIndicatorFile string) error {
func GetReadinessIndicatorFile(readinessIndicatorFileRaw string) error {
readinessIndicatorFile, err := filepath.Abs(readinessIndicatorFileRaw)
if err != nil {
return fmt.Errorf("failed to get absolute path of readinessIndicatorFile: %v", err)
}

pollDuration := 1000 * time.Millisecond
pollTimeout := 45 * time.Second
return utilwait.PollImmediate(pollDuration, pollTimeout, func() (bool, error) {

Check failure on line 620 in pkg/types/conf.go

View workflow job for this annotation

GitHub Actions / build (1.20.x, arm64, ubuntu-latest)

undefined: utilwait

Check failure on line 620 in pkg/types/conf.go

View workflow job for this annotation

GitHub Actions / build (1.20.x, 386, ubuntu-latest)

undefined: utilwait

Check failure on line 620 in pkg/types/conf.go

View workflow job for this annotation

GitHub Actions / build (1.20.x, s390x, ubuntu-latest)

undefined: utilwait

Check failure on line 620 in pkg/types/conf.go

View workflow job for this annotation

GitHub Actions / build (1.21.x, arm, ubuntu-latest)

undefined: utilwait

Check failure on line 620 in pkg/types/conf.go

View workflow job for this annotation

GitHub Actions / build (1.20.x, amd64, ubuntu-latest)

undefined: utilwait

Check failure on line 620 in pkg/types/conf.go

View workflow job for this annotation

GitHub Actions / build (1.20.x, arm, ubuntu-latest)

undefined: utilwait

Check failure on line 620 in pkg/types/conf.go

View workflow job for this annotation

GitHub Actions / build (1.20.x, ppc64le, ubuntu-latest)

undefined: utilwait

Check failure on line 620 in pkg/types/conf.go

View workflow job for this annotation

GitHub Actions / build (1.21.x, 386, ubuntu-latest)

undefined: utilwait

Check failure on line 620 in pkg/types/conf.go

View workflow job for this annotation

GitHub Actions / build (1.21.x, amd64, ubuntu-latest)

undefined: utilwait

Check failure on line 620 in pkg/types/conf.go

View workflow job for this annotation

GitHub Actions / build (1.21.x, arm64, ubuntu-latest)

undefined: utilwait

Check failure on line 620 in pkg/types/conf.go

View workflow job for this annotation

GitHub Actions / test (1.21.x, ubuntu-latest)

undefined: utilwait

Check failure on line 620 in pkg/types/conf.go

View workflow job for this annotation

GitHub Actions / test (1.20.x, ubuntu-latest)

undefined: utilwait
_, err := os.Stat(readinessIndicatorFile)
return err == nil, nil
})
}

func ReadinessIndicatorExistsNow(readinessIndicatorFileRaw string) (bool, error) {

Check warning on line 626 in pkg/types/conf.go

View workflow job for this annotation

GitHub Actions / test (1.21.x, ubuntu-latest)

exported function ReadinessIndicatorExistsNow should have comment or be unexported

Check warning on line 626 in pkg/types/conf.go

View workflow job for this annotation

GitHub Actions / test (1.20.x, ubuntu-latest)

exported function ReadinessIndicatorExistsNow should have comment or be unexported
readinessIndicatorFile, err := filepath.Abs(readinessIndicatorFileRaw)
if err != nil {
return false, fmt.Errorf("failed to get absolute path of readinessIndicatorFile: %v", err)
}

_, err = os.Stat(readinessIndicatorFile)

Check failure

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a
user-provided value
.
if err != nil {
if os.IsNotExist(err) {
return false, nil
}
return false, err
}
return true, nil
}

0 comments on commit 3197182

Please sign in to comment.