Home Explore Blog CI



kubernetes
4th chunk of `content/en/blog/_posts/2015-04-00-Weekly-Kubernetes-Community-Hangout_11.md`
0950971478240a2471ba3efc6522e56df8e25116fc15deba0000000100000d93
  * another proposal similar: instead of env var like names, have JSON-path-like syntax for referring to object field names; e.g. $.[metadata.name][1] to refer to name of current object, maybe have some syntax for referring to related objects like node that a pod is on. advantage of JSON path-like syntax is that it's less ad hoc. disadvantage is that you can only refer to things that are fields of objects.
  * for both, if you populate env vars then you have drawback that fields only set when container is created. but least degree of coupling -- off the shelf containers, containers don't need to know how to talk to k8s API. keeps the k8s concepts in the control plane.
  * we were converging on JSON path like approach. but need prototype or at least deeper proposal to demo.
  * paul: one variant is for env vars in addition to value field have different sources which is where you would plug in e.g. syntax you use to describe a field of an object; another source would be a source that described info about the host. have partial prototype. clean separation between what's in image vs. control plane. could use source idea for volume plugin.
  * use case: provide info for sidecar container to contact API server.
  * use case: pass down unique identifiers or things like using UID as unique identifier.
  * clayton: for rocket or gce metadata service being available for every pod for more sophisticated things; most containers want to find endpoint of service.

3\. preconditions/dependencies

* when you create pods that talk to services, the service env vars only get populated if you create the objs in the right order. if you use dns it's less of a problem but some apps are fragile. may crash if svc they depend on is not there, may take a long time to restart. proposal to have preconds that block starting pods until objs they depend on exist.
* infer automatically if we ask people to declare which env vars they wanted, or have dep mech at pod or rc or obj level to say this obj doesn't become active until this other thing exists.
* can use event hook? only app owner knows their dependency or when service is ready to serve.
* one proposal is to use pre-start hook. another is precondition probe - pre-start hook could do a probe. does anything respond when i hit this svc address or ip, then probe fails. could be implemented in pre-start hook. more useful than post-start. is part of rkt spec. has stages 0, 1, 2. hard to do in docker today, easy in rocket.
* pre-start hook in container: how will affect readiness probe since the container might have a lock until some arbitrary condition is met if you implement with prestart hook. there has to be some compensation on when kubelet runs readiness/liveness probes if you have a hook. Systemd has timeouts around the stages of process lifecycle.
* if we go to black box model of container pre-start makes sense; if container spec becomes more descriptive of process model like systemd, then does kubelet need to know more about process model to do the right thing.
* ideally msg from inside the container to say i've done all of my pre-start actions. sdnotify for systemd does this. you tell systemd that you're done, it will communicate to other deps that you're alive.
* but... someone could just implement preconds inside their container. makes it easier to adapt an app w/o having to change their image. alternative is just have a pattern how they do it themselves but we don't do it for them.
Title: Downward API Continued, Preconditions/Dependencies for Pod Startup
Summary
The discussion continued on the Downward API, focusing on JSON-path-like syntax for referencing object fields, weighing its benefits against limitations. Env var sourcing was explored, especially for host information, with a use case of providing API server info to sidecars. The conversation then shifted to service dependencies and pod startup preconditions, addressing issues of service unavailability. Proposals included blocking pod starts until dependencies exist, automatic inference, and pre-start hooks/probes, with consideration for readiness probes. An internal messaging mechanism for containers to signal completion (like systemd's sdnotify) was suggested. The group debated implementing preconditions inside containers vs. externally.