Comments (5)
Hello @alen-z and thanks for your interest in Traefik,
This is an interesting idea, there is already a pull request #10664 which brings the EndpointSlices support which might fix this issue.
@jnoordsij wdyt?
from traefik.
I've looked into the mentioned KEP, but I just don't see how exactly it should benefit Traefik. In both the existing handling of endpoints and the one I implemented with the EndpointSlice
API in #10664, any terminating endpoints should already be considered invalid as they should be marked as not ready
by Kubernetes.
The preStop
hook will help cover the possible time overlap between Traefik being aware of the endpoint no longer be available (whether through Endpoint
or EndpointSlice
API) and the pod being actually terminated; this is described at various places, see e.g. https://itnext.io/how-do-you-gracefully-shut-down-pods-in-kubernetes-fb19f617cd67. AFAICS, the mentioned proposal does not offer any alternative to that.
What could be done after #10664 is creating some kind of configuration flag (or even/later default behavior), that does broadly the same thing as the mentioned KEP: rather than relying on the ready
flag, Traefik could allow all serving=true
endpoints and then using only those with terminating=true
if there are no endpoints with terminating=false
, to have a "theoretical" better chance of finding suitable endpoints.
However, I'm not sure if this has any real-world benefit, as the motivation mentions the problem at hand being "When using Service Type=LoadBalancer w/ externalTrafficPolicy=Local" while Traefik should typically be sending traffic to ClusterIP
(or NodePort
) services. Moreover the Non-Goals lists "Handling terminating endpoints for other consumers of the EndpointSlice API, such as ingress controllers or external load balancers.", leading me to believe this is not relevant for Traefik?
from traefik.
Hey @jnoordsij, great gist and appreciate the time invested. Also, pretty nice to see #10664. I wasn't aware, pretty new from the Traefik kitchen.
Ultimate goal: Removing the need to have preStop
hook and no new requests sent to terminating Pod + make a Pod stay alive to serve in-flight requests (automated preStop
bacisally). This means finding the way to remove this gap between Traefik being notified and Pod being terminated (if preStop
does not exist).
I have one thing in mind: Can Traefik intervene in the process of EndpointSlice
and the state that controls endpoint termination? Basically, have Traefik as one of the validation gates before changing the state for termination? This puts Traefik in a position to acknowledge and influence the termination action. Example: Pod would not terminate until Traefik responds that it has no in-flight request — then EndpointSlice
state changes. Or maybe Traefik can influence Pod lifecycle itself to say when it's ready to allow Pod to terminate, finishing in-flight requests even before Pod started the termination?
How to involve Traefik in a similar way that kube-proxy
is involved is a good question. I'd need to look more into it to propose implementation details, but from the top of my head: finalizers, maybe. Add Traefik finalizer, remove when ready to terminate after finishing in-flight. Or Admission Controller of some sort, though I'm not aware if relevant events to EndpointSlice
resource are passing there?
from traefik.
I see! I do like the idea, although I think it might be very challenging to achieve such a thing in practice.
But as far as I can see, that goal does not have any direct relation to KEP-1669 or my PR #10664, given they're really about something else (namely the endpoint part) and do not actively attempt to alter Pod termination logic itself in any way.
from traefik.
Yes, you are right. KEP was just initial spark that evolved.
Glad you find it interesting. If there is a way to try this, maybe we can put it behind a flag to start with.
from traefik.
Related Issues (20)
- unable to download plugin error 404 HOT 1
- Allow combining of multiple IPAllowlist Middlewares HOT 3
- Environment variable in a toml dynamic file HOT 2
- Undocumented Location header rewrite functionality HOT 3
- traefik.io/v1 not available in v3.1.2 (only traefik.io/v1alpha1) HOT 3
- Using environment variables for startup parameters. HOT 1
- Add support for UDP routing in systemd socket activation
- Upgrade to go 1.23 HOT 1
- Support HTTP mirroring excluding body HOT 4
- Traefik fails to connect to podman services when run via systemd/quadlet HOT 1
- Rule Priority v2 vs v3
- Traefik v3 getting SSL handshake errors HOT 3
- Send body from forwardauth middleware HOT 2
- http3.0 can not working in edge127版本 HOT 3
- IP Whitelist: IP whitelisted / detected, but user receives Forbidden HOT 2
- Proxy Protocol Not Sent Before TLS Handshake, Resulting in Connection Termination
- Traefik failing first authentication attempt to NTLM-protected website HOT 9
- How to set idle timeout between the client and Traefik HOT 1
- Add RateLimit per URL path feature HOT 1
- K8s `IngressRoute` error when selecting a named port from a headless & selectorless `ClusterIP` Service HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from traefik.