KEP-753: Update documentation to clarify restartPolicy behavior
#4880
Conversation
k8s-ci-robot
added
cncf-cla: yes
|
/lgtm |
k8s-ci-robot
added
the
lgtm
| Once sidecar container is started (`postStart` completed and startup probe | ||
| succeeded), this containers will be restarted even when the Pod `restartPolicy` | ||
| is `Never` or `OnFailure`. | ||
| The `restartPolicy` field for individual init containers can override the |
There was a problem hiding this comment.
sidecar container failed during startup will NOT be restarted
failed meant:
- PostStart failed
- Image pull failed
- CRI failed
In all these cases the implemented behavior is that we will restart the sidecar container even if the Pod restartPolicy is Never.
If one want to express the semantic of "fail if the sidecar cannot start" - it can be implemented by moving this logic into the Init container executed just before the sidecar. Like if certificates are needed, but we cannot download them.
@thockin any objections with this behavior?
cc: @kubernetes/api-reviewers
There was a problem hiding this comment.
One could argue that "CRI failed" and "Image pull failed" are not failures of the container, but failures to START the container, and so retrying is not a "restart" at all.
Restarting when PostStart fails is kind of dubious, though. At that point, the container HAS started. If the policy is "Never", it seems like we should not restart. Tell me why I am wrong?
There was a problem hiding this comment.
Restarting when PostStart fails is kind of dubious, though. At that point, the container HAS started. If the policy is "Never", it seems like we should not restart. Tell me why I am wrong?
We are talking about sidecar containers. They will restart if failed even in Pod with restartPolicy=Never. So the only question is whether we should allow sidecars (which has started already, just executing the PostStart) to be able to "fail" the Pod if PostStart has failed. Originally we thought it may be useful to be able to express this. But now I am not that confident. It feels a bit strange to have different restart behavior if code failed during PostStart or PostStart itself has failed. This is why I am asking for more opinions
There was a problem hiding this comment.
Sorry, I was thinking it was if the container had restart policy "Never". Yes, I agree with you. They can't fail the pod that way.
There was a problem hiding this comment.
thank you for confirming.
/lgtm
/approve
There was a problem hiding this comment.
/assign @mrunalp
for actual approval
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: gjkim42, mrunalp, SergeyKanzhelev The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
Desired behavior of a startup failed restartable init container in a pod with
restartPolicyset toNeverkubernetes#120234The implementation is different from the current documentation.
This updates the documentation to clarify the relationship between the container-level restartPolicy and the pod-level restartPolicy.
We may introduce a new concept (or policy) for the restart behavior of the initialization.
/cc @SergeyKanzhelev