33-TTL Controller for Finished Resources

cucytoman發表於2019-10-28

FEATURE STATE: Kubernetes v1.12 alpha

The TTL controller provides a TTL mechanism to limit the lifetime of resource objects that have finished execution. TTL controller only handles Jobs for now, and may be expanded to handle other resources that will finish execution, such as Pods and custom resources. ttl控制器提供了ttl機制來限制已完成執行的資源物件的生存期。TTL控制器目前只處理作業,並且可以擴充套件以處理將完成執行的其他資源,例如pods和自定義資源。

Alpha Disclaimer: this feature is currently alpha, and can be enabled with feature gate TTLAfterFinished. alpha免責宣告:此功能當前為alpha,可通過

TTL Controller

The TTL controller only supports Jobs for now. A cluster operator can use this feature to clean up finished Jobs (either Complete or Failed) automatically by specifying the .spec.ttlSecondsAfterFinished field of a Job, as in this example. The TTL controller will assume that a resource is eligible to be cleaned up TTL seconds after the resource has finished, in other words, when the TTL has expired. When the TTL controller cleans up a resource, it will delete it cascadingly, i.e. delete its dependent objects together with it. Note that when the resource is deleted, its lifecycle guarantees, such as finalizers, will be honored. TTL控制器目前只支援作業。群集操作員可以使用此功能通過指定作業的“.spec.ttlsecondsafterfinished”欄位自動清理完成的作業(“complete”或“failed”),如[示例](https://kubernetes.io/docs/concepts/worklo... run to completion/"自動清理完成的作業")。ttl控制器將假定在資源完成後的幾秒鐘內(換句話說,當ttl過期時),資源有資格被清理ttl。當ttl控制器清理一個資源時,它將級聯刪除它,也就是說,將它的從屬物件一起刪除。請注意,當資源被刪除時,它的生命週期保證(如終結器)將得到遵守。

The TTL seconds can be set at any time. Here are some examples for setting the .spec.ttlSecondsAfterFinished field of a Job:

  • Specify this field in the resource manifest, so that a Job can be cleaned up automatically some time after it finishes.
  • Set this field of existing, already finished resources, to adopt this new feature.
  • Use a mutating admission webhook to set this field dynamically at resource creation time. Cluster administrators can use this to enforce a TTL policy for finished resources.
  • Use a mutating admission webhook to set this field dynamically after the resource has finished, and choose different TTL values based on resource status, labels, etc.

Caveat

Updating TTL Seconds

Note that the TTL period, e.g. .spec.ttlSecondsAfterFinished field of Jobs, can be modified after the resource is created or has finished. However, once the Job becomes eligible to be deleted (when the TTL has expired), the system won’t guarantee that the Jobs will be kept, even if an update to extend the TTL returns a successful API response. 請注意,ttl period,例如作業的“.spec.ttlsecondsafterfinished”欄位,可以在建立或完成資源後修改。但是,一旦作業有資格被刪除(當ttl過期時),系統將不保證作業將被保留,即使擴充套件ttl的更新返回成功的api響應。

Time Skew

Because TTL controller uses timestamps stored in the Kubernetes resources to determine whether the TTL has expired or not, this feature is sensitive to time skew in the cluster, which may cause TTL controller to clean up resource objects at the wrong time. 由於ttl控制器使用儲存在kubernetes資源中的時間戳來確定ttl是否已過期,因此此功能對叢集中的時間偏移敏感,這可能導致ttl控制器在錯誤的時間清理資源物件。

In Kubernetes, it’s required to run NTP on all nodes (see #6159) to avoid time skew. Clocks aren’t always correct, but the difference should be very small. Please be aware of this risk when setting a non-zero TTL.

What's next

Clean up Jobs automatically

Design doc

Feedback

Was this page helpful?

本作品採用《CC 協議》,轉載必須註明作者和本文連結

相關文章