@uthark
Created July 23, 2019 16:20
Lifecycle hooks for CNI Plugin
#!/usr/bin/env bash
# Lifecycle-hook helper for a CNI plugin Deployment: it taints the node while
# the plugin is stopping or starting and removes the taint once the plugin
# answers on its port again.
# The taint keeps new pods off a node that cannot assign IP addresses yet,
# which is what otherwise shows up as FailedCreatePodSandbox during a slow
# CNI plugin start or restart.
#
# Required environment:
#   MY_NODE_NAME - name of the node this pod runs on.
#
# The script changes Node objects through kubectl, so the workload running it
# needs permission to modify nodes. Grant that to this workload only.
set -o errexit

# Key of the taint placed on the node.
TAINT='UnableAllocateIPAddresses'
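# Add or remove a taint on a node through kubectl.
# Arguments: $1   - node name
#            $2.. - taint specs as given by the callers in this script
#                   (key=value:Effect to add, key:Effect- to remove)
# Returns:   1 when the node name is empty, otherwise kubectl's exit status.
taintNode() {
  # An empty name (MY_NODE_NAME unset or blank) would otherwise reach kubectl
  # as a malformed command line; fail here with a clear message instead.
  if [[ -z "${1:-}" ]]; then
    printf '%s\n' 'taintNode: node name is empty (is MY_NODE_NAME set?)' >&2
    return 1
  fi
  # "$@" passes each argument as exactly one word. The unquoted $* used
  # before let the shell re-split and glob-expand the node name and taint.
  # kubectl is invoked by absolute path, so PATH does not decide which
  # binary runs.
  /usr/bin/kubectl taint nodes --overwrite "$@"
}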
# preStop hook: put the NoSchedule taint on this node before the CNI plugin
# goes away, so no new pods are scheduled onto it in the meantime.
# Globals: MY_NODE_NAME (read), TAINT (read)
runPreStop() {
  local add_spec="${TAINT}=true:NoSchedule"
  taintNode "${MY_NODE_NAME}" "${add_spec}"
}
# Probe the plugin's port by opening a TCP connection to it with bash's
# /dev/tcp redirection and writing a newline.
# This avoids depending on lsof/nc/netcat; wget/curl are unsuitable because
# the endpoint speaks plain TCP, not HTTP.
# Note: success only shows that something accepts connections on
# localhost:50051. It does not show that the listener is the CNI plugin
# or that the plugin is healthy.
# Returns: 0 if the connection could be opened, non-zero otherwise.
# Outputs: nothing; both stdout and stderr of the probe are discarded.
grpcListening() {
  local host=localhost
  local port=50051
  (echo >"/dev/tcp/${host}/${port}") >/dev/null 2>&1
}
# Block until grpcListening succeeds, polling every 2 seconds, then wait a
# further 2 seconds to let the plugin warm up.
# There is no upper bound: if the port never opens, this never returns.
# Outputs: one "waiting for GRPC port" line on stdout per failed probe.
waitCNIReady() {
  while ! grpcListening; do
    printf '%s\n' "waiting for GRPC port"
    sleep 2
  done
  # Warm-up pause after the port first accepts a connection.
  sleep 2
}
# postStart hook: taint the node, wait for the CNI plugin, then untaint.
# The taint is (re)applied first in case the node was not tainted before.
# It is removed only after waitCNIReady returns, so a start that never
# becomes ready leaves the node closed to scheduling.
# Globals: MY_NODE_NAME (read), TAINT (read)
runPostStart() {
  local add_spec="${TAINT}=true:NoSchedule"
  local remove_spec="${TAINT}:NoSchedule-"

  taintNode "${MY_NODE_NAME}" "${add_spec}"
  waitCNIReady
  # A trailing "-" on the spec tells kubectl to remove the taint.
  taintNode "${MY_NODE_NAME}" "${remove_spec}"
}
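# Print the accepted modes and exit with status 1.
# The list now includes waitCNIReady, which main accepts but the earlier
# message omitted. The text goes to stderr because it is a diagnostic.
usage() {
  printf '%s\n' 'Valid options: preStop, postStart, waitCNIReady' >&2
  exit 1
}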
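# Dispatch on the mode given as the first argument.
# Arguments: $1 - preStop, postStart or waitCNIReady; anything else
#                 (including no argument) prints the usage text and exits 1.
main() {
  # Kept local so the script does not leave a global variable behind; the
  # ":-" default makes a missing argument fall through to usage.
  local mode=${1:-}
  case "${mode}" in
    preStop)
      runPreStop
      ;;
    postStart)
      runPostStart
      ;;
    waitCNIReady)
      waitCNIReady
      ;;
    *)
      usage
      ;;
  esac
}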
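# Forward the script's arguments unchanged; "$@" keeps each one as a single
# word where the unquoted $* would re-split and glob-expand them.
main "$@"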