Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pod cannot be terminated #2

Open
chiyiliao opened this issue Dec 15, 2020 · 0 comments
Open

Pod cannot be terminated #2

chiyiliao opened this issue Dec 15, 2020 · 0 comments

Comments

@chiyiliao
Copy link

chiyiliao commented Dec 15, 2020
edited
Loading

I create a pod with below config:

############

testpod.yaml

############
apiVersion: v1
kind: Pod
metadata:
name: test-job
spec:
serviceAccountName: saname
restartPolicy: Never
containers:
- name: test-pod
image: ubuntu
command:
- /bin/sleep
- "10"
resources:
limits:
cpu: 100m
memory: 128Mi
requests:
cpu: 100m
memory: 128Mi

############

CMD: kubectl -f testpod.yaml

After the sleep command finished, it does not terminated,

CMD: kubectl get pod
test-job 1/2 Running 0 5m26s

CMD: kubectl describe pod test-job
.
.
Containers:
test-pod:
Container ID: docker://d6a95538e748e9585af2e11f62d2f9f65bc7a7c5cb01d01357985cb0e7fd56f3
Image: ubuntu
Image ID: docker-pullable://ubuntu@sha256:c95a8e48bf88e9849f3e0f723d9f49fa12c5a00cfc6e60d2bc99d87555295e4c
Port:
Host Port:
Command:
/bin/sleep
10
State: Terminated
Reason: Completed
Exit Code: 0
Started: Tue, 15 Dec 2020 11:18:59 +0800
Finished: Tue, 15 Dec 2020 11:19:09 +0800
Ready: False
Restart Count: 0
.
.
.
update-gcp-id-token:
Container ID: docker://88ec093929b3c648b032448d17de5f46fb6be9bdcc5e78247acac1a16cf9dcbc
Image: doitintl/gtoken:latest
Image ID: docker-pullable://doitintl/gtoken@sha256:cb9647b375f579e378e957ed80dfa6259667987cf87835b10b125dc5b175b31d
Port:
Host Port:
Command:
/gtoken
--file=/var/run/secrets/aws/token/gtoken
--refresh=true
State: Running
Started: Tue, 15 Dec 2020 11:19:00 +0800
Ready: True
Restart Count: 0

#########

It seems like the update-gcp-id-token does not terminated.
Is it possible to terminate update-gcp-id-token after test-pod fininshed?

Thank you!
alextsits added a commit to arrikto/doitintl-gtoken that referenced this issue Nov 18, 2022
@alextsits
webhook: Support disabling sidecar for token refresh
c5c519c 
The webhook adds a sidecar to the pod to refresh the generated token.
Running jobs with the sidecar never go to completion because the sidecar
keeps running when the main container of the job exits. See
doitintl/gtoken#2.

Workaround this by adding an annotation to disable refreshing the token,
and as a result skip adding the sidecar.

Signed-off-by: Alex Tsitsimpis <alextsi@arrikto.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@chiyiliao