Skip to content

Kubelet takes long time to update Pod.Status.PodIP #39113

New issue
New issue
Closed
Closed
Kubelet takes long time to update Pod.Status.PodIP#39113
Labels
lifecycle/rottenDenotes an issue or PR that has aged beyond stale and will be auto-closed.sig/networkCategorizes an issue or PR as relevant to SIG Network.sig/nodeCategorizes an issue or PR as relevant to SIG Node.triage/acceptedIndicates an issue or PR is ready to be actively worked on.
@caseydavenport

Description

@caseydavenport
caseydavenport
opened on Dec 22, 2016

I've seen this when implementing Calico NetworkPolicy against the Kubernetes API (as opposed to via Calico's etcd)

Since the Pod status reporting is not synchronous with Pod set up, it often takes a long time for the API to get updated with the IP address of a newly networked Pod, which means that it can take multiple seconds before any NetworkPolicy implementation based off the k8s API learns about the new Pod's assigned IP.

I've seen this have an impact on 99%ile time to first connectivity being measured in seconds (because it takes seconds for kubelet -> apiserver -> controller to occur).

A naive fix would be to write the pod status immediately after CNI execution completes based on the result returned by the CNI plugin (though this might have performance impacts due to increased number of writes to the API).

CC @thockin @freehan @dchen1107 @wojtek-t

Metadata

Metadata

Assignees

No one assigned

    Labels

    lifecycle/rottenDenotes an issue or PR that has aged beyond stale and will be auto-closed.sig/networkCategorizes an issue or PR as relevant to SIG Network.sig/nodeCategorizes an issue or PR as relevant to SIG Node.triage/acceptedIndicates an issue or PR is ready to be actively worked on.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions