-
Notifications
You must be signed in to change notification settings - Fork 923
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Wait for a CRD type to deploy before deploying resources that use the type #1117
Comments
@ringerc: This issue is currently awaiting triage. SIG CLI takes a lead on issue triage for this repo, but any Kubernetes member can accept issues by applying the The Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
See related issue discussing retries: kubernetes/kubernetes#5762 (comment) The server does not issue HTTP status code 429 here, presumably because it doesn't know there's a pending deployment that will create this resource. |
See related issue in kube-prometheus - but note that this is far from specific to kube-prometheus, it can affect anything where races exist between resource creation and resource use |
A workaround is to use
|
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
This isn't something that we would implement for kubectl but we will investigate which part of apply can provide a better error. We'll handle that in #1118. /close |
@eddiezane: Closing this issue. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
@KnVerey do you know if Kustomize has any hooks authors can use similar to how Helm handles CRD installation separately? |
It does not. Kustomize is a purely client-side, so it has no deploy-related features. |
That's unfortunate, because it means basically every different user who wants robust deployment has to implement repetitive logic like:
It's reasonable to expect the client sending data to But it's a pity that it's seemingly not practical for kubectl to ensure the requests apply correctly. If waiting isn't viable, what about a |
Thank you so much for the My vagrant provisioning step fails because k3s is installed but did not complete setting up traefik. So sometimes applying my resources failed with
So I can now fix this with $ kubectl wait --for condition=established crd tlsstores.traefik.containo.us Thanks! I agree that a more generic solution in kubectl would be great. |
Presently, when kubectl is used to apply a large manifest that defines new custom resource definitions (CRDs) as well as resources that use the new resource kind, conditions can cause the deployment to fail. Assuming you're using
kubectl apply -f -
and an externalkustomize
you might see an error like:(the exact resource "kind" and api "version" will vary depending on what you're deplying).
This appears to be a race between the k8s cluster applying the new CRD types and kustomize sending requests that use the new types, but there's no indication of that in the command's output. It's confusing for new users, and it's a hassle operationally since deployments will fail then work when re-tried. This is something the
kubectl
tool could help users with.The
--server-side
option does not help, as the same race occurs then. And--wait=true
only affects resource removal, not creation.This can often be reproduced with a kind cluster, though it varies since it's a race. For example:
... which will often fail with:
but when the same command is repeated, it will succeed:
There doesn't seem to be any (obvious) kubectl flag to impose a delay between requests, wait for a new resource to become visible before continuing, or retry a request if it fails because of a server-side error indicating something was missing.
The error message is confusing for new users and definitely does not help. A wording change and some context would help a lot. I raised that separately: #1118
The text was updated successfully, but these errors were encountered: