Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable leader election for webhook #3863

Closed
wants to merge 1 commit into from
Closed

Disable leader election for webhook #3863

wants to merge 1 commit into from

Conversation

vincent-pli
Copy link
Member

@vincent-pli vincent-pli commented Apr 1, 2021
edited
Loading

In knative/pkg, controller leverage leader election and buckets to support HA, but webhook has different approach, I mean webhook depends on hpa and pdb, so the webhook do not need any leader election, I mean do not need create lease,

Below is the case when I set buckets: "3" in config-leader-election.yaml, it's not make sense and useless.

tekton-pipelines-webhook.configmapwebhook.00-of-03                                                        tekton-pipelines-webhook-796fdf674c-nhwwb_f4c15288-0f1a-4eec-a0ca-f14b2a7dab4a      7m2s
tekton-pipelines-webhook.configmapwebhook.01-of-03                                                        tekton-pipelines-webhook-796fdf674c-nhwwb_f4c15288-0f1a-4eec-a0ca-f14b2a7dab4a      7m2s
tekton-pipelines-webhook.configmapwebhook.02-of-03                                                        tekton-pipelines-webhook-796fdf674c-nhwwb_f4c15288-0f1a-4eec-a0ca-f14b2a7dab4a      7m2s
tekton-pipelines-webhook.conversionwebhook.00-of-03                                                       tekton-pipelines-webhook-796fdf674c-nhwwb_1c3bdb72-0398-4310-a3ed-c3c30acf1ceb      7m2s
tekton-pipelines-webhook.conversionwebhook.01-of-03                                                       tekton-pipelines-webhook-796fdf674c-nhwwb_1c3bdb72-0398-4310-a3ed-c3c30acf1ceb      7m2s
tekton-pipelines-webhook.conversionwebhook.02-of-03                                                       tekton-pipelines-webhook-796fdf674c-nhwwb_1c3bdb72-0398-4310-a3ed-c3c30acf1ceb      7m2s
tekton-pipelines-webhook.defaultingwebhook.00-of-03                                                       tekton-pipelines-webhook-796fdf674c-nhwwb_6f471e5c-f136-46a2-82c2-bc04a7a3b0db      7m2s
tekton-pipelines-webhook.defaultingwebhook.01-of-03                                                       tekton-pipelines-webhook-796fdf674c-nhwwb_6f471e5c-f136-46a2-82c2-bc04a7a3b0db      7m2s
tekton-pipelines-webhook.defaultingwebhook.02-of-03                                                       tekton-pipelines-webhook-796fdf674c-nhwwb_6f471e5c-f136-46a2-82c2-bc04a7a3b0db      7m2s
tekton-pipelines-webhook.validationwebhook.00-of-03                                                       tekton-pipelines-webhook-796fdf674c-nhwwb_d16d6390-b989-4d7f-b951-17ba1d974783      7m2s
tekton-pipelines-webhook.validationwebhook.01-of-03                                                       tekton-pipelines-webhook-796fdf674c-nhwwb_d16d6390-b989-4d7f-b951-17ba1d974783      7m2s
tekton-pipelines-webhook.validationwebhook.02-of-03                                                       tekton-pipelines-webhook-796fdf674c-nhwwb_d16d6390-b989-4d7f-b951-17ba1d974783      7m2s
tekton-pipelines-webhook.webhookcertificates.00-of-03                                                     tekton-pipelines-webhook-796fdf674c-nhwwb_2272bb66-9d83-40b2-a874-011834ca781c      7m2s
tekton-pipelines-webhook.webhookcertificates.01-of-03                                                     tekton-pipelines-webhook-796fdf674c-nhwwb_2272bb66-9d83-40b2-a874-011834ca781c      7m2s
tekton-pipelines-webhook.webhookcertificates.02-of-03                                                     tekton-pipelines-webhook-796fdf674c-nhwwb_2272bb66-9d83-40b2-a874-011834ca781c      7m2s

Changes

Submitter Checklist

These are the criteria that every PR should meet, please check them off as you
review them:

  • Includes tests (if functionality changed/added)
  • Includes docs (if user facing)
  • Commit messages follow commit message best practices
  • Release notes block has been filled in or deleted (only if no user facing changes)

See the contribution guide for more details.

Double check this list of stuff that's easy to miss:

Reviewer Notes

If API changes are included, additive changes must be approved by at least two OWNERS and backwards incompatible changes must be approved by more than 50% of the OWNERS, and they must first be added in a backwards compatible way.

Release Notes

NONE

@tekton-robot tekton-robot added the release-note Denotes a PR that will be considered when it comes time to generate release notes. label Apr 1, 2021
@tekton-robot tekton-robot requested review from dlorenc and imjasonh April 1, 2021 05:56
@tekton-robot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
To complete the pull request process, please assign sbwsg
You can assign the PR to them by writing /assign @sbwsg in a comment when ready.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Apr 1, 2021
@vincent-pli
Copy link
Member Author

/kind bug

@tekton-robot tekton-robot added the kind/bug Categorizes issue or PR as related to a bug. label Apr 1, 2021
@vincent-pli
Copy link
Member Author

/release-note-none

@tekton-robot
Copy link
Collaborator

@vincent-pli: you can only set the release note label to release-note-none if the release-note block in the PR body text is empty or "none".

In response to this:

/release-note-none

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

vdemeester
vdemeester reviewed Apr 1, 2021
View reviewed changes
Copy link
Member

@vdemeester vdemeester left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/cc @imjasonh @afrittoli
SGTM

@tekton-robot tekton-robot requested a review from afrittoli April 1, 2021 12:58
@afrittoli
Copy link
Member

afrittoli commented Apr 1, 2021
edited
Loading

In knative/pkg, controller leverage leader election and buckets to support HA, but webhook has different approach, I mean webhook depends on hpa and pdb, so the webhook do not need any leader election, I mean do not need create lease,

The webhook controller does use leader election, not the Admit part, but the Reconcile part does.
For instance for the certificate webhook, only one of the instances of the webhook needs to make sure that the certificate is up to date - if more than one did they'd step on their toes.

It's similar for all the other webhooks. They have an Admit path, which is used by k8s API for validation, defaulting and mutating, but they all have a 2nd Reconcile method which is responsible for the webhook configuration, and only one each need to be leader, only one should Reconcile.

See also: #2735 (comment)

@imjasonh
Copy link
Member

imjasonh commented Apr 1, 2021

@afrittoli this comment is great, can you propose it as official documentation in knative/pkg? I can definitely see other folks using that framework to have similar confusion.

@vincent-pli
Copy link
Member Author

@afrittoli
Thanks point out the mechanism, I check the code, you are right.
It's not just a webhook but a reconciler to watch certification, configuration .etc.

@vincent-pli vincent-pli closed this Apr 2, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vdemeester vdemeester vdemeester left review comments

@dlorenc dlorenc Awaiting requested review from dlorenc

@imjasonh imjasonh Awaiting requested review from imjasonh

@afrittoli afrittoli Awaiting requested review from afrittoli

Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@vincent-pli @tekton-robot @afrittoli @imjasonh @vdemeester