diff options
| author | Kubernetes Prow Robot <k8s-ci-robot@users.noreply.github.com> | 2020-02-12 00:50:51 -0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-02-12 00:50:51 -0800 |
| commit | a3102eacfe9dd3391acbdd3d0f20a5a23f182031 (patch) | |
| tree | 114cd36c65f8f08133dbaf040980cd4d5251506f /contributors | |
| parent | fa9abb2517a6cbebdfeb4d31a65c3da9aa463097 (diff) | |
| parent | 2b2a07e6ad429b8a14d0088014cfb6b2c73ac15d (diff) | |
Merge pull request #4045 from wozniakjan/namespace-status-conditions
Add namespace status conditions
Diffstat (limited to 'contributors')
| -rw-r--r-- | contributors/design-proposals/architecture/namespaces.md | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/contributors/design-proposals/architecture/namespaces.md b/contributors/design-proposals/architecture/namespaces.md index a8fe7ce6..c357f9a9 100644 --- a/contributors/design-proposals/architecture/namespaces.md +++ b/contributors/design-proposals/architecture/namespaces.md @@ -191,6 +191,52 @@ If the *namespace controller* sees a *Namespace* whose list is empty, it will signal the server to permanently remove the *Namespace* from storage by sending a final DELETE action to the API server. +There are situations where the *namespace controller* is unable to guarantee +cleanup of all resources. During a cleanup run, it attempts a best-effort +resource deletion, remembers the errors that occurred and reports back via +**namespace status condition**. Some errors can be transient and will +auto-resolve in the following cleanup runs, others may require manual +intervention. + +These are the status conditions reporting on the process of namespace +termination: +- `NamespaceDeletionDiscoveryFailure` reports on errors during the first phase + of namespace termination - + [resource discovery](../api-machinery/api-group.md). +- `NamespaceDeletionGroupVersionParsingFailure` reports on errors that happen + when parsing the [GVK](../api-machinery/api-group.md) + of all discovered resources. +- `NamespaceDeletionContentFailure` reports on errors preventing the controller + from deleting resources belonging to successfully discovered and parsed GVK. + +When any part of a certain phase fails, the *namespace controller* sets appropriate +status condition with a descriptive message of what went wrong. After +the controller successfully passes that phase, it sets the status condition to +report success. + +Example of a failing namespace termination where +`NamespaceDeletionContentFailure` is no longer reporting any error and +`NamespaceDeletionDiscoveryFailure` continues to fail. + +```yaml +status: + conditions: + - lastTransitionTime: "2019-02-13T12:58:03Z" + message: All content successfully deleted + reason: ContentDeleted + status: "False" + type: NamespaceDeletionContentFailure + - lastTransitionTime: "2019-02-13T12:55:16Z" + message: 'Discovery failed for some groups, 2 failing: unable to retrieve the + complete list of server APIs: mutators.abc.com/v1alpha1: the server is currently + unable to handle the request, validators.abc.com/v1alpha1: the server is + currently unable to handle the request' + reason: DiscoveryFailed + status: "True" + type: NamespaceDeletionDiscoveryFailure + phase: Terminating +``` + ### REST API To interact with the Namespace API: |