-
Notifications
You must be signed in to change notification settings - Fork 1.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
StatefulSet is sensitive to long names - use a hashed name #2768
StatefulSet is sensitive to long names - use a hashed name #2768
Conversation
This PR cannot be merged: expecting exactly one kind/ label Available
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
/approve
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks!
/approve
Why not just hash the Workspace Name and the PipelineRun Name so that the length doesn't matter |
Yes, that is also a way to handle it. Hash both names and use a substring of 53 chars. But it is harder to se from where the pod come from - but it is visible in the other labels. |
Do both
prefixName = 'aa-' + workspaceName + "-"+ pipelineName
hashName = hash(prefixName)
podName = leff(prefixName, MAX_LEN-len(hashName+1)) + '-' + hashName
…On Sat, 6 Jun 2020 at 18:33, Jonas Pettersson ***@***.***> wrote:
Why not just hash the Workspace Name and the PipelineRun Name so that the
length doesn't matter
Yes, that is also a way to handle it. Hash both names and use a substring
of 53 chars. But it is harder to se from where the pod come from - but it
is visible in the other labels.
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#2768 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAFEFFMSWNVDFHHYQU2RERTRVH5NRANCNFSM4NVLTEIQ>
.
|
Yes, we could also keep the prefix and use a 34 chars substring of the hash of workspace+pipelinerun. E.g. That would make it easier to understand when doing Would that be a good alternative? |
b923e18
to
6bc75f5
Compare
The following is the coverage report on the affected files.
|
The implementation is now changed to use a hashed name, so that the length of the StatefulSet Name is consistent. A typical name of the Affinity Assistant will now be:
/hold cancel |
Cool One question about the use of a stateful set, why isn't this 'affinity-assistant' just implemented via a single Pod ? |
@cameronbraid I wrote a motivation about why I use |
6bc75f5
to
2aecd8c
Compare
The following is the coverage report on the affected files.
|
/lgtm Thanks for the quick fix! |
Appeared in the integration test logs 😿:
|
@pritidesai from what logs? The latest is pull-tekton-pipeline-integration-tests |
|
Thanks for the excellent commit message @jlpettersson !!!!! |
func getAffinityAssistantName(pipelineWorkspaceName string, pipelineRunName string) string { | ||
hashBytes := sha256.Sum256([]byte(pipelineWorkspaceName + pipelineRunName)) | ||
hashString := fmt.Sprintf("%x", hashBytes) | ||
return fmt.Sprintf("%s-%s", "affinity-assistant", hashString[:10]) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we actually have some existing libs around this that you might be able to use: https://github.com/tektoncd/pipeline/blob/master/pkg/names/generate.go
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think I had a look at it, but it is "random"
random suffix
I my use case, I want a consistent hash - from the Workspace Name + PipelineRun Name - so that the same combination always get the same hash.
@jlpettersson it looks like once the conflicts are resolved this is good to go - don't worry too much about the conflicts, I'm happy to work around them when cherry picking this commit in tomorrow (tho I really appreciate you making it easier to cherry pick!!) |
Names in Kubernetes can be up to 253 chars, but labels can only be up to 63 chars. We are relatively conservative with the two labels we introduce for the Affinity Assistant app.kubernetes.io/component: affinity-assistant app.kubernetes.io/instance: ws-parallel-pipelinerun-bbx6w But apparently, StatefulSets adds a label with the full StatefulSet Name + 10 chars (for a hash) as a label controller-revision-hash: affinity-assistant-ws-parallel-pipelinerun-bbx6w-dd64c6c8d This only leave users to use StatefulSet Names up to 53 chars. We use a prefix of 19 chars (affinity-assistant-) on the Affinity Assistant StatefulSet. This leaves Tekton users with only 34 chars for a combination of Workspace Name and the PipelineRun Name. This commit use a hash of the Workspace Name and the PipelineRun Name to make sure that the name is not too long. Typical labels after this commit will be: labels: app.kubernetes.io/component: affinity-assistant app.kubernetes.io/instance: affinity-assistant-e067465fc0 controller-revision-hash: affinity-assistant-e067465fc0-b78cb9478 statefulset.kubernetes.io/pod-name: affinity-assistant-e067465fc0-0 tekton.dev/pipeline: parallel-pipeline tekton.dev/pipelineRun: parallel-pipelinerun-wr9wd Also the unnecessary name of the PVC in the volumeClaimTemplate-example is removed. This limitation of StatefulSet is apparently a known problem kubernetes/kubernetes#64023 but I was not aware of it. /kind bug Fixes tektoncd#2766
2aecd8c
to
b01d860
Compare
The following is the coverage report on the affected files.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: afrittoli, vdemeester The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Changes
Names in Kubernetes can be up to 253 chars, but labels can only be up to 63 chars.
We are relatively conservative with the two labels we introduce for the Affinity Assistant
But apparently, StatefulSets adds a label with the full StatefulSet Name + 10 chars (for a hash) as a label
This only leave users to use StatefulSet Names up to 53 chars. We use a prefix of 19 chars (affinity-assistant-) on the Affinity Assistant StatefulSet. This leaves Tekton users with only 34 chars for a combination of Workspace Name and the PipelineRun Name.
This commit use a hash of the Workspace Name and the PipelineRun Name to make sure that the name is not too long.
Typical labels after this commit will be:
Also the unnecessary name of the PVC in the volumeClaimTemplate-example is removed.
This limitation of StatefulSet is apparently a known problem kubernetes/kubernetes#64023 but I was not aware of it.
/kind bug
Fixes #2766
Fixes #2769
Fixes #2796
Submitter Checklist
These are the criteria that every PR should meet, please check them off as you
review them:
See the contribution guide for more details.
Double check this list of stuff that's easy to miss:
cmd
dir, please updatethe release Task to build and release this image.
Reviewer Notes
If API changes are included, additive changes must be approved by at least two OWNERS and backwards incompatible changes must be approved by more than 50% of the OWNERS, and they must first be added in a backwards compatible way.
Release Notes