crossplane icon indicating copy to clipboard operation
crossplane copied to clipboard
verified publisher icon crossplane

Run multiple webhook deployments by default

Open negz opened this issue 2 years ago • 8 comments

What problem are you facing?

Currently Crossplane uses webhooks to validate API objects like XRDs and Compositions. In future we think we'll use them for a bunch more things (e.g. converting between API versions). At the moment these webhooks are started by the crossplane core start command - i.e. as part of the same binary that runs the core Crossplane controllers.

One issue with this approach is that Kubernetes controllers and webhooks have different scaling properties.

Controller managers are single-leader. If you run more than one replica they will use leader-election - one pod will become leader and the others will do nothing until the leader fails and a new one is elected. This is because controllers operate on API server state, and we don't want many controllers racing to operate on the same state. For this reason we currently default to deploying only a single replica of Crossplane.

Webhooks on the other hand scale horizontally - we can run as many webhooks as we like and spread requests across them. Unfortunately if we're only deploying a single Crossplane replica by default requests to the API server could fail (or not leverage the webhook) if that pod is offline.

How could Crossplane help solve your problem?

I can see two options here:

  1. Break webhooks out into a separate binary and run them as a separate deployment with more replicas than core Crossplane.
  2. Run Crossplane with more replicas (say 3) by default. All three would always serve webhooks, but only one would run controllers.

negz avatar May 24 '23 22:05 negz

Crossplane does not currently have enough maintainers to address every issue and pull request. This issue has been automatically marked as stale because it has had no activity in the last 90 days. It will be closed in 14 days if no further activity occurs. Leaving a comment starting with /fresh will mark this issue as not stale.

github-actions[bot] avatar Aug 23 '23 01:08 github-actions[bot]

/fresh

phisco avatar Aug 23 '23 11:08 phisco

Crossplane does not currently have enough maintainers to address every issue and pull request. This issue has been automatically marked as stale because it has had no activity in the last 90 days. It will be closed in 14 days if no further activity occurs. Leaving a comment starting with /fresh will mark this issue as not stale.

github-actions[bot] avatar Nov 22 '23 01:11 github-actions[bot]

/fresh

phisco avatar Nov 22 '23 07:11 phisco

Crossplane does not currently have enough maintainers to address every issue and pull request. This issue has been automatically marked as stale because it has had no activity in the last 90 days. It will be closed in 14 days if no further activity occurs. Leaving a comment starting with /fresh will mark this issue as not stale.

github-actions[bot] avatar Feb 21 '24 01:02 github-actions[bot]

/fresh

negz avatar Feb 21 '24 02:02 negz

Crossplane does not currently have enough maintainers to address every issue and pull request. This issue has been automatically marked as stale because it has had no activity in the last 90 days. It will be closed in 14 days if no further activity occurs. Leaving a comment starting with /fresh will mark this issue as not stale.

github-actions[bot] avatar Jun 27 '24 01:06 github-actions[bot]

/fresh

negz avatar Jun 28 '24 01:06 negz