naiserator icon indicating copy to clipboard operation
naiserator copied to clipboard
verified publisher icon nais

Replace default preStopHook with Kubernetes native sleep

Open tronghn opened this issue 1 year ago • 1 comments

Since the dawn of time (for locally adjusted values of time), Naiserator has configured a default preStopHook for pods: https://github.com/nais/naiserator/blob/fb0a723fc63e9b468fd283a85080f31dda5c1361/pkg/resourcecreator/pod/pod.go#L462-L470

This essentially executes a sleep 5 to allow a grace period before the container receives a SIGTERM and starts gracefully shutting down. This allows an ingress controller to update its list of Endpoints for routing requests without perceived "downtime".

While this has worked wonderfully for many years, its a hack that depends on the sleep binary to exist in the given container. With the rise of distroless-based images, we can no longer expect this to be the case.

Fortunately for us, KEP-3960: Introducing Sleep Action for PreStop Hook addresses this natively in Kubernetes. It is slated to be available as an alpha feature from 1.29, beta from 1.30, and GA from 1.32.

We should switch to using this feature whenever it is available.

tronghn avatar Jun 24 '24 08:06 tronghn

Issue tracking: https://github.com/kubernetes/enhancements/issues/3960

Can confirm that this feature still is slated to be available as beta in 1.30.

kimtore avatar Aug 07 '24 07:08 kimtore