Fix bug where broker container name can exceed 63 characters #14964
Conversation
|
@tomgeorge Could you check that this fixes the issue? |
che-bot
added
status/code-review
|
Note that even with this commit, it's possible to encounter #14958 if the organization publishing the broker image has a name that exceeds 30 characters. |
|
E2E Happy path tests of Eclipse Che Single User on K8S (minikube v1.1.1) has failed:
|
|
E2E tests of Eclipse Che Multiuser on OCP has been successful:
|
|
ci-build |
| Matcher matcher = IMAGE_PATTERN.matcher(image); | ||
| String containerName; | ||
| if (matcher.matches()) { | ||
| containerName = String.format("%s/%s", matcher.group("org"), matcher.group("image")); | ||
| } else { | ||
| containerName = image; |
There was a problem hiding this comment.
will it be possible to extract this into method and cover with unit test + doc (the logic is not transparent IMO)
There was a problem hiding this comment.
I've extracted the method (and simplified it to strip everything but image name) and added tests.
|
containers will start with this fix |
The container name for the plugin broker is derived from its docker image reference. When this reference contains a registry, it's possible for this name to exceed the 63-character limit imposed by Kubernetes, e.g. my-internal-registry/my-organization/che-unified-plugin-broker:v0.20 results in a broker container named my-internal-registry-my-organization-che-unified-plugin-broker-v0-20 This commit removes the registry hostname from the container name and keeps the conversion the same. Signed-off-by: Angel Misevski <amisevsk@redhat.com>
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
amisevsk
force-pushed
the
broker-name-length
branch
from
d7bfb3b
to
fd98a46
Compare
|
@sleshchenko Ilya and I discussed in standup that it's probably safer to just remove everything but image name (since a long organization name could still cause the issue) -- could you reapprove the new logic? |
|
E2E Happy path tests of Eclipse Che Single User on K8S (minikube v1.1.1) has been successful:
|
|
E2E tests of Eclipse Che Multiuser on OCP has been successful:
|
| // There's a chance the full image reference may be over the name limit of 63 chars | ||
| // so we need to remove registry hostname |
There was a problem hiding this comment.
@amisevsk this comment looks obsolete
There was a problem hiding this comment.
or maybe it meant to be added to the generateContainerNameFromImageRef doc?
There was a problem hiding this comment.
Moved docs to generateContainerNameFromImageRef
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
|
E2E tests of Eclipse Che Multiuser on OCP has failed:
|
|
E2E Happy path tests of Eclipse Che Single User on K8S (minikube v1.1.1) has been successful:
|
|
ci-test |
|
ci-build |
|
E2E tests of Eclipse Che Multiuser on OCP has failed:
|
|
ci-build |
@amisevsk looks like formatting needs to be fixed ;) |
Signed-off-by: Angel Misevski <amisevsk@redhat.com>
|
E2E Happy path tests of Eclipse Che Single User on K8S (minikube v1.1.1) has been successful:
|
| {"very-long-registry-hostname-url.service/eclipse/image:tag", "image-tag"}, | ||
| {"eclipse/che-unified-plugin-broker:v0.20", "che-unified-plugin-broker-v0-20"}, | ||
| {"very-long-organization.name-eclipse-che/image:tag", "image-tag"}, | ||
| {"very-long-registry-hostname-url.service/very-long-organization/image:tag", "image-tag"} |
There was a problem hiding this comment.
different images from different registries or users will have same name
It looks odd when you debug if there is no easy way to know from where it could come
There was a problem hiding this comment.
You could always get the full image ref from the pod or env var though. There's no way to include registry and organization in the name, since it very easily goes over the 63 char limit (the length of just the broker pod name + version is 32 chars already).
There was a problem hiding this comment.
I never talked on including the full registry or org name
but I think it's like some logger are doing for packages
instead of seeing org.apache.catalina.something you see o.a.c.something
In logger of Tomcat I see for example o.a.c.startup.VersionLoggerListener
so I know more from where is coming the VersionLoggerListener class than if only VersionLoggerListener was displayed
So I would say you could do something similar, it's for UX.
and of course I could go to openshift webconsole or somewhere else but it's definitely not UX
There was a problem hiding this comment.
quay.io/my-organization/che-unified-plugin-broker:v0.20 --> q-m-che-unified-plugin-broker-v0-20
docker.io/my-organization/che-unified-plugin-broker:v0.20 --> d-m-che-unified-plugin-broker-v0-20
docker.io/other-organization/che-unified-plugin-broker:v0.20 --> d-o-che-unified-plugin-broker-v0-20
There was a problem hiding this comment.
@benoitf this sounds like a relevant improvement, but is it really that valuable?
There was a problem hiding this comment.
I think q-m-che-unified-broker-image-v0-20 and d-m-che-unified-plugin-broker-v0-20 are less readable than che-unified-plugin-broker-v0-20. Even with the truncation, it's an external reference (whereas logger trimming is referring to internal classes), so you'll still have to ask "what image is this/where is it hosted/what is it built from?" A single m character doesn't tell us anything real about the actual organization it's pushed to. I care more about what job the broker has (init vs unified), and what version it comes from (since e.g. v0.19 brokers don't support offline).
There was a problem hiding this comment.
It seems i'm the only one to care UX or that it's just a hot fix of removing repo/org and not fixing the 63 limit
If we know that we can't reach more than 63 values should never return more than 63 characters
@amisevk. You may use other prefix it was an example to illustrate that you may care repo/org more than full image name as well
I won't block but to me it's not a fix of the issue. Just hot fix
There was a problem hiding this comment.
Also speaking about UX I think issue is that we're giving each image name independently and not a set of images so the logic can work only on a limited data while with all images it could dedup in a better format all images
|
E2E tests of Eclipse Che Multiuser on OCP has been successful:
|
|
@dmytro-ndp @vkuznyetsov @rhopp please provide QA approval |
|
What happens for my image like:
(if this image is a broker) |
|
@benoitf isn't it an edge case? |
|
I don't know, issue is about 63characters limit but PR is just a workaround by stripping org/repo |
well, dropping the org,repo makes the possibility of hitting 63 chars limit utterly unlike. unless you use smth like #14964 (comment) |
che-bot
removed
the
status/code-review
|
@amisevsk could you please backport it to 7.3.x ? |
What does this PR do?
Strips docker registry hostname when creating a container name for plugin brokers.
The container name for the plugin broker is derived from its docker image reference. When this reference contains a registry, it's possible for this name to exceed the 63-character limit imposed by Kubernetes,
e.g.
results in a broker container named
What issues does this PR fix or reference?
#14958