Add support for gRPC probes to kubelet (KEP-2727)

Tracking issue: kubernetes#2727 Original KEP: kubernetes#1667
bowei · May 13, 2021 · 495a03e · 495a03e
1 parent 8f41a6e
commit 495a03e
Show file tree

Hide file tree

Showing 2 changed files with 173 additions and 0 deletions.
diff --git a/keps/sig-node/2727-grpc-probe/README.md b/keps/sig-node/2727-grpc-probe/README.md
@@ -0,0 +1,156 @@
+# KEP-2727: Add GRPC Probe
+
+<!-- toc -->
+- [Release Signoff Checklist](#release-signoff-checklist)
+- [Summary](#summary)
+- [Motivation](#motivation)
+  - [Goals](#goals)
+  - [Non-Goals](#non-goals)
+- [Proposal](#proposal)
+  - [Risks and Mitigations](#risks-and-mitigations)
+- [Design Details](#design-details)
+  - [Followup work (or optionally part of this)](#followup-work-or-optionally-part-of-this)
+  - [Test Plan](#test-plan)
+  - [Graduation Criteria](#graduation-criteria)
+  - [Upgrade / Downgrade Strategy](#upgrade--downgrade-strategy)
+  - [Version Skew Strategy](#version-skew-strategy)
+- [Implementation History](#implementation-history)
+- [Drawbacks](#drawbacks)
+- [Alternatives](#alternatives)
+<!-- /toc -->
+
+
+## Release Signoff Checklist
+
+- [ ] Enhancement issue in release milestone, which links to KEP dir in
+  [kubernetes/enhancements] (not the initial KEP PR)
+
+- [ ] KEP approvers have approved the KEP status as `implementable`
+- [ ] Design details are appropriately documented
+- [ ] Test plan is in place, giving consideration to SIG Architecture and SIG Testing input
+- [ ] Graduation criteria is in place
+- [ ] "Implementation History" section is up-to-date for milestone
+- [ ] User-facing documentation has been created in [kubernetes/website], for
+  publication to [kubernetes.io]
+- [ ] Supporting documentation e.g., additional design documents, links to
+  mailing list discussions/SIG meetings, relevant PRs/issues, release notes
+
+[kubernetes.io]: https://kubernetes.io/
+[kubernetes/enhancements]: https://git.k8s.io/enhancements
+[kubernetes/kubernetes]: https://git.k8s.io/kubernetes
+[kubernetes/website]: https://git.k8s.io/website
+
+## Goals
+
+Enable grpc probe natively from Kubelet without requiring users to package a
+gRPC healthcheck binary with their container.
+
+https://github.com/grpc-ecosystem/grpc-health-probe
+https://github.com/grpc/grpc/blob/master/doc/health-checking.md
+
+## Non-Goals
+
+Add gRPC support in other areas of K8s (e.g. Services).
+
+## Proposal
+
+Host: pod ip
+
+```yaml
+    readinessProbe:
+      grpc:                     #+
+        port: 9090              #+
+        service: my-service     #+
+      initialDelaySeconds: 5
+      periodSeconds: 10
+```
+
+This healthcheck request will be identified with the following gRPC
+`User-Agent` metadata:
+
+```
+User-Agent: kube-probe/K8S_MAJOR_VER.K8S_MINOR_VER
+```
+
+Example:
+
+```
+User-Agent: kube-probe/1.22
+```
+
+### Risks and Mitigations
+
+1. Adds more code to Kubelet and surface area to Pod.Spec. *Response*: we
+   expect that this will be generally useful given broad gRPC adoption in the
+   industry.
+
+## Design Details
+
+```go
+// core/v1/types.go
+
+type Handler struct {
+  // ...
+  TCPSocket *TCPSocketAction `json...`
+
+  // GRPC specifies an action involving a TCP port.          //+
+  // +optional                                               //+
+  GRPC *GRPCAction `json...`                                 //+
+
+  // ...
+}
+
+type GRPCAction struct {
+  // Port name or number of the port to access on the container.
+  // Number must be in the range 1 to 65535.
+  Port intstr.IntOrString `json:"port" protobuf:"bytes,2,opt,name=port"`
+
+  // Service is the name of the service to place in the gRPC HealthCheckRequest
+  // (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).
+  // +optional
+  Service *string
+}
+```
+
+### Test Plan
+
+Unit test - mock grpc service and execute probe for that
+E2E - run container with grpc service and execute probe for that
+Functional test - execute GRPC probe from api
+
+### Graduation Criteria
+
+TODO
+
+Pass e2e/unit/function tests in CI
+
+### Upgrade / Downgrade Strategy
+
+1. Implement grpc probe in Prober(core)
+2. Release that
+3. Add support in API
+4. Release that
+5. Update documentation
+
+### Version Skew Strategy
+
+1. API upgraded, core not:
+"No probe response from core"
+
+2. Core upgraded, API not:
+"No probe from API"
+
+## Implementation History
+
+* Original PR for k8 Prober: https://github.com/kubernetes/kubernetes/pull/89832
+* 2020-04-04: MR for k8 Prober
+* 2021-05-12: Cloned to this KEP to move the probe forward.
+
+## Alternatives
+
+* 3rd party solutions like https://github.com/grpc-ecosystem/grpc-health-probe
+
+## References
+
+* GRPC healthchecking: https://github.com/grpc/grpc/blob/master/doc/health-checking.md
+
diff --git a/keps/sig-node/2727-grpc-probe/kep.yaml b/keps/sig-node/2727-grpc-probe/kep.yaml
@@ -0,0 +1,17 @@
+title: Add gRPC probe to Pod.Spec.Container.{Liveness,Readiness,Startup}Probe
+kep-number: 2727
+authors:
+  - "@bowei"
+  - "@PxyUp"
+owning-sig: sig-node
+participating-sigs:
+  - sig-node
+  - sig-network
+status: provisional
+creation-date: 2020-04-04
+reviewers:
+  - TBD
+approvers:
+  - "@thockin"
+see-also:
+replaces: