Proposal: v1beta3 API overhaul #1225
Conversation
|
Things I like about this
|
smarterclayton
force-pushed
the
v1beta3_proposals
branch
from
c534e1c to
707a527
Compare
|
I just sent a bunch of comments, but I don't see them in Github at all. On Mon, Sep 8, 2014 at 9:27 PM, Clayton Coleman notifications@github.com
|
|
No, this seems like the problem from the other day. They eventually shown up.
|
|
Ugh. I'll keep an eye on it. I spent like 6 hours on comments, they were If they don't show up I'll do it again in the morning. On Mon, Sep 8, 2014 at 9:50 PM, Clayton Coleman notifications@github.com
|
|
They just ended up on the commit and then I pushed a new commit.
|
|
|
||
| // APIMetadata is shared by all objects sent to, or returned via the API. | ||
| type APIMetadata struct { | ||
| // Kind is a string value representing the REST resource this object represents. |
There was a problem hiding this comment.
Could I beg for vertical whitespace between these?
|
Can we split off v1beta2 first? |
| } | ||
|
|
||
| // PodDesiredState is the state a pod should have when running on a host. | ||
| type PodDesiredState struct { |
There was a problem hiding this comment.
Can we use a name like PodSpec or something? This is the specification for a pod.
|
And what is the protocol here. Do we a) fork a new v1beta3 with big changes and stabilize that or b) make On Mon, Sep 8, 2014 at 9:56 PM, Daniel Smith notifications@github.com
|
|
Overall I like this a lot - I think it helps comprehension enormously. |
|
Yeah, this is labelled as 3 to allow that
|
| type PodStatus string | ||
|
|
||
| // These are the valid statuses of pods. | ||
| const ( |
There was a problem hiding this comment.
Can we have an error state here? I am wondering how to distinguish it from PodWaiting without such state.
There was a problem hiding this comment.
A permanent error means the pod would be in PodTerminated.
There was a problem hiding this comment.
Ok, here is one example. A pod has 3 containers with RestartPolicyNever configed. Container A is terminated with exit code -1, Container B, C are still running happily. In today's system, we reset the PodStatus back to PodWaiting, which is obviously wrong to me. But which other state Pod should be? It is a permanent error, but shouldn't put the entire pod to PodTerminated.
Without Error state at pod level, I am ok to leave pod at PodRunning state with error state for Container itself.
There was a problem hiding this comment.
IMO, that pod should be reported as being in "PodRunning". If users need per-container info they'll have to look inside the PodInfo field.
There was a problem hiding this comment.
Like what I proposed above, I can go with PodRunning. But I don't think
There was a problem hiding this comment.
(sorry I cannot type today)
s/ is a good/ is not a good/
There was a problem hiding this comment.
It seems impossible to present status from three containers in a single field without losing something. And anyway, if your policy is NeverRestart, and one of your containers has exited, who's to say that's an error? If that was an error state, maybe NeverRestart isn't the right policy-- you need something that fails the whole pod if one of the containers exits.
There was a problem hiding this comment.
I think it is reasonable to say that pod state is a "worst of" container states. That's what internal 'let is moving to, and it seems sane.
There was a problem hiding this comment.
I'm opposed to adding more kinds of statuses here. More nuanced information needs to go elsewhere.
I agree a Running pod should never revert to Waiting. It seems like that would be easy to ensure if we saved the status.
I don't know how to interpret "Worst of".
Transitions:
- Waiting->Running: We could/should install all images, then start all containers. Once images are installed, I think we should transition to Running/Active. At that point, we're not waiting. The containers may be broken, but that's not waiting.
- Running->Terminated: All containers need to be permanently dead to reach Terminated, IMO. One container running is Running. The restart policy needs to be taken into account here to avoid race conditions: all containers temporarily being down shouldn't transition a pod whose containers should always restart to Terminated.
Meta-question: Is this the right place to be discussing this? Isn't there a more appropriate PR or issue?
There was a problem hiding this comment.
Let's keep the discussion of what PodStates codes exist off this issue.
| // Event is the representation of an event logged to etcd backends. | ||
| type Event struct { | ||
| Event string `json:"event,omitempty"` | ||
| Manifest *ContainerManifest `json:"manifest,omitempty"` |
There was a problem hiding this comment.
Shouldn't ContainerManifest is deprecated entirely here?
There was a problem hiding this comment.
Recommend only storing the UID anyway, not the whole thing.
|
I really want to dig into this PR later today. For now,
I think the steps are: a. Copy what we have now to v1beta2. fix up links in v1beta1's conversion package. |
smarterclayton
force-pushed
the
v1beta3_proposals
branch
from
657c4bd to
e629bb8
Compare
| // ContainerManifest corresponds to the Container Manifest format, documented at: | ||
| // https://developers.google.com/compute/docs/containers/container_vms#container_manifest | ||
| // This is used as the representation of Kubernetes workloads. | ||
| // DEPRECATED: This structure is no longer referenced by other constructs. |
There was a problem hiding this comment.
Deprecation notices should only appear in the v1beta2 package - v1beta3 will just omit the things.
There was a problem hiding this comment.
Only here as a comment
|
Highly speculative update - rename |
|
LGTM. I'd like to get this merged. We can always tweak this afterward if needed. |
|
Will finish up any remaining feedback for Monday morning.
|
| type PodSpec struct { | ||
| Volumes []Volume `yaml:"volumes" json:"volumes"` | ||
| Containers []Container `yaml:"containers" json:"containers"` | ||
| RestartPolicy RestartPolicy `json:"restartpolicy,omitempty" yaml:"restartpolicy,omitempty"` |
There was a problem hiding this comment.
The json should be restartPolicy.
|
As per the decision in #1458, please update all string constants from Java-style camelCase to Go-style CamelCase. Acronyms, such as protocols, TCP, UDP, HTTP, should be all uppercase, as specified by #1477. The comment of LivenessProbe.Type should be updated to reflect that. Known cases to address: PodStatus, Status.Status, StatusReasons, CauseTypes |
smarterclayton
force-pushed
the
v1beta3_proposals
branch
from
917e694 to
46e41cc
Compare
* Separate metadata from objects * Treat lists differently from resources * Add UID and Annotations on Metadata * Introduce BoundPod(s) as distinct from Pod to represent pods scheduled onto a host * Use "spec" instead of "state" and "status" instead of "currentState" * Identify current status of objects consistently * Use "condition" as the string label for substatus * All string constants should be PublicGoCapitalized * Rename Minion -> Node * Rename ServerOp -> Operation * Remove ContainerManifest * Add api-conventions.md document * Replace PodTemplateSpec in ReplCtrl with ObjectReference
smarterclayton
force-pushed
the
v1beta3_proposals
branch
from
46e41cc to
c0247d9
Compare
|
This has now been updated with all of the current discussion. I specifically did not address ContainerState being renamed - I think we should settle that as a follow on. This pull can land with the proposed API, and we can then begin breaking up the work that constitutes storing it, converting to and from it, exposing it as an API, and plumbing it through a client (each of which has new challenges since we're doing renames, reconstanting, changing response values, etc). |
|
I think this is ready for final review and merge with the caveats above. |
|
LGTM @smarterclayton Agreed on settling ContainerState in a separate PR. Since I introduced it at the first place, once we converged on it, I will address this particular issue crossing all versions. |
|
Recent updates LGTM. Is there any reason to not merge this now and fix oversights later? |
|
No, should have no effect on running code
|
| // Service is a named abstraction of software service (for example, mysql) consisting of local port | ||
| // (for example 3306) that the proxy listens on, and the selector that determines which pods | ||
| // will answer requests sent through the proxy. | ||
| type Service struct { |
There was a problem hiding this comment.
Cross-referencing this with the ip-per-service PR, I have a question. In ip-per-service, the master has to assign a few fields (the IP in particular) to a service upon creation. They must be ignored on input.
Do you see those fields a) in ServiceSpec, b) in Service, c) in ServiceData, d) in BoundService ?
There was a problem hiding this comment.
Sounds like ServiceStatus, similar to how Host is set in PodStatus, no?
Or is your question what the proxy should watch (replacement for endpoints?)?
There was a problem hiding this comment.
On Sep 29, 2014, at 11:47 PM, Tim Hockin notifications@github.com wrote:
In pkg/api/v1beta3/types.go:
// ContainerPort is the name of the port on the container to direct traffic to. // Optional, if unspecified use the first port on the container. ContainerPort util.IntOrString `json:"containerPort,omitempty" yaml:"containerPort,omitempty"`}
-func (*Service) IsAnAPIObject() {}
+// Service is a named abstraction of software service (for example, mysql) consisting of local port
+// (for example 3306) that the proxy listens on, and the selector that determines which pods
+// will answer requests sent through the proxy.
+type Service struct {
Cross-referencing this with the ip-per-service PR, I have a question. In ip-per-service, the master has to assign a few fields (the IP in particular) to a service upon creation. They must be ignored on input.Do you see those fields a) in ServiceSpec, b) in Service, c) in ServiceData, d) in BoundService ?
Seems like ServiceStatus if users can never choose them. If the users can set them or leave it to the server to set a default, maybe we use Spec for user intent and Status for effective state? I feel like the Bound* are more special cases where things are transformed into other atomic units but that's more based on our current pattern.
—
Reply to this email directly or view it on GitHub.
There was a problem hiding this comment.
BoundPod is really just a way of encapsulating a PodSpec + metadata, so the analogy here doesn't really hold, but I was grasping.
I guess *Status sounds close enough. Once this API change lands I will have to figure out how to rebase ip-per-service onto it.
|
in before 200 comments! LGTM, ok to merge in-hours. |
| HostDirectory *HostDirectory `yaml:"hostDir" json:"hostDir"` | ||
| // TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not | ||
| // mount host directories as read/write. | ||
| HostDirectory *HostDirectory `json:"hostDir" yaml:"hostDir"` |
There was a problem hiding this comment.
Just stumbled across #992. We should just resolve it one way or the other in v1beta3. Any compelling arguments against changing Dir to Directory in hostDir and emptyDir?
There was a problem hiding this comment.
I'm fine with changing emptyDir to EmptyDirectory or even just "empty".
hostDir is interesting - it doesn't have to be a directory at all - it can be a host file. Maybe it should just become hostMount or fromHost or something.
I don't think v1beta3 needs to block on either of these - I think we can make a compatible change here.
There was a problem hiding this comment.
How about hostPath and emptyDirectory?
There was a problem hiding this comment.
That's good, but I think we can make that change in a compatible way, so
v1b3 doesn't need to block.
On Tue, Sep 30, 2014 at 9:53 AM, bgrant0607 notifications@github.com
wrote:
In pkg/api/v1beta3/types.go:
@@ -86,16 +129,16 @@ type VolumeSource struct {
// HostDirectory represents a pre-existing directory on the host machine that is directly
// exposed to the container. This is generally used for system agents or other privileged
// things that are allowed to see the host machine. Most containers will NOT need this.
- // TODO(jonesdl) We need to restrict who can use host directory mounts and
- // who can/can not mount host directories as read/write.
- HostDirectory *HostDirectory
yaml:"hostDir" json:"hostDir"- // TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not
- // mount host directories as read/write.
- HostDirectory *HostDirectory
json:"hostDir" yaml:"hostDir"How about hostPath and emptyDirectory?
Reply to this email directly or view it on GitHub
https://github.com/GoogleCloudPlatform/kubernetes/pull/1225/files#r18230436
.
There was a problem hiding this comment.
Any other comments?
On Sep 30, 2014, at 1:01 PM, Tim Hockin notifications@github.com wrote:
In pkg/api/v1beta3/types.go:
@@ -86,16 +129,16 @@ type VolumeSource struct {
// HostDirectory represents a pre-existing directory on the host machine that is directly
// exposed to the container. This is generally used for system agents or other privileged
// things that are allowed to see the host machine. Most containers will NOT need this.
- // TODO(jonesdl) We need to restrict who can use host directory mounts and
- // who can/can not mount host directories as read/write.
- HostDirectory *HostDirectory
yaml:"hostDir" json:"hostDir"- // TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not
- // mount host directories as read/write.
- HostDirectory *HostDirectory
json:"hostDir" yaml:"hostDir"
That's good, but I think we can make that change in a compatible way, so v1b3 doesn't need to block.
…
—
Reply to this email directly or view it on GitHub.
Proposal: v1beta3 API overhaul
Bug 1999325: Backport 107821 and 107831
Speculative change for some items from #1200:
Config(better names welcome) as per Document annotations and guidelines regarding when to use annotations vs labels #1201Not changed yet:
EDIT: Moving to higher bandwidth document here: https://docs.google.com/document/d/1E_HNsbyocweD9zJHXbz5Xb9XPwBqvDnLHhGeBq15FlI/edit?usp=sharing