-
Notifications
You must be signed in to change notification settings - Fork 381
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: implement watcher for oci bundles #4321
feat: implement watcher for oci bundles #4321
Conversation
implements an oci bundle watcher. this allows k0s to load new bundles without requiring a restart of the process. the watcher acts upon create or write operations happening in the oci bundles directory. events are debounced with a timeout of 10 seconds. Signed-off-by: Ricardo Maraschini <[email protected]>
The code might get bit simpler / cleaner if you'd separate loading a single bundle file into it's own func. Also that way when we see FS event, we do not need to go through the entire dir. Although there's probably only few files there anyways so it should not be that big of an optimization. 😄 |
I thought about that but haven't gone that route because I noticed we are connecting / disconnecting containerd's client every time. That allied with the fact we are calling That all being said I can certainly work to change what we have here. Do you think connecting / disconnecting from containerd for each file would be a problem ? Are you aware of any sort of problem with long live containerd connections ? |
create a function to import a single oci bundle. use it in our watcher. Signed-off-by: Ricardo Maraschini <[email protected]>
@jnummelin I added a function to import a single OCI bundle and now we are calling it from the watcher. Let me know what you think. |
No, I don't think it'll be any issue. I mean there's not like gazillions of those files and it's "just" a local socket connection.
I haven't seen anything but I don't think we've ever implemented ones either. So honestly, dunno 🤷 IMO it's better this way now where we can load single files based on events. @twz123 WDYT? |
I'm not too concerned about the connect/probe/import/disconnect procedure for each individual bundle file. As you already said: there'll be just a few anyways and they won't change frequently. On the other hand, I wouldn't opt for a long-living connection. That sounds like something that breaks after being idle for x weeks, and then a new file gets added. But: instead of doing a directory listing in the loadAll method itself, we could add a new parameter with a slice of file names to import. We could inline the loadOne method again, and reuse a single connection for the whole slice, as it was before before. Then we can still just use loadAll with a single-element slice from the watcher. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for working on this!
Co-authored-by: Tom Wieczorek <[email protected]> Signed-off-by: Ricardo Maraschini <[email protected]>
Co-authored-by: Tom Wieczorek <[email protected]> Signed-off-by: Ricardo Maraschini <[email protected]>
Co-authored-by: Tom Wieczorek <[email protected]> Signed-off-by: Ricardo Maraschini <[email protected]>
Co-authored-by: Tom Wieczorek <[email protected]> Signed-off-by: Ricardo Maraschini <[email protected]>
Signed-off-by: Ricardo Maraschini <[email protected]>
95758d9
to
1dda734
Compare
Signed-off-by: Ricardo Maraschini <[email protected]>
@twz123 @jnummelin I think this is ready for another round of review. Let me know how it looks like now. Thanks. |
@twz123 @jnummelin Are you able to review this PR again sometime soon? We have a core feature that has a significant known issue until we get this fixed. Thanks! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good! Left a few small nits to be improved, if there's time and inclination.
Signed-off-by: Ricardo Maraschini <[email protected]>
36ce83b
to
debf414
Compare
@jnummelin @twz123 Thanks for your help so far, I really appreciate it. Are there any plans to back port this to v1.29 / v1.28 ? If needed I can help with that. |
We don't usually backport new features. One could argue though that is this one. 😆 @twz123 WDYT, could/should we backport this? |
@ricardomaraschini Thanks for working on this 👍 |
@jnummelin @twz123 Is there any chance of back porting this to v1.29 and v1.28 release branches ? This would be so valuable for our use case here. I tried to create a back port myself but, IIUC, I need to add the |
Actually, I'm a pretty conservative guy when it comes to backports. I wouldn't want to port it back so much because it's a pretty substantial change, adding new behavior, not fixing a broken one. Shipping your on k0s builds with the backport applied wouldn't be an option for you in this case? (Just asking 🙃) |
Another thing that comes to my mind: Eventually, we need to have a way to re-enable GC on containerd side for images that have previously been imported via k0s, but are no longer present. Otherwise, the images will pile up on the image fs, potentially leading to disk pressure in the long run. |
Description
Implements an OCI bundle watcher. This allows k0s to load new OCI bundles without requiring a restart of the process. The watcher acts upon
Create()
orWrite()
operations happening in the OCI bundles directory and events are debounced with a timeout of 10 seconds.Fixes # 4316
Type of change
How Has This Been Tested?
At this stage I have updated
k0s
locally and created/deleted/updated bundles manually in the OCI bundles directory. I have been checking the results by inspecting the logs (as follow) and withk0s ctr i ls
:Checklist: