From a3727dfef9023df381b7669feec2962623707f42 Mon Sep 17 00:00:00 2001 From: Han Kang Date: Wed, 22 Mar 2023 09:05:53 -0700 Subject: [PATCH] add a bit about making discovery consistent --- .../README.md | 20 ++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/keps/sig-api-machinery/3903-unknown-version-interoperability-proxy/README.md b/keps/sig-api-machinery/3903-unknown-version-interoperability-proxy/README.md index d69f561a9ce5..d277c00be64a 100644 --- a/keps/sig-api-machinery/3903-unknown-version-interoperability-proxy/README.md +++ b/keps/sig-api-machinery/3903-unknown-version-interoperability-proxy/README.md @@ -192,9 +192,23 @@ incorrectly or objects being garbage collected mistakenly. We will use the existing `StorageVersion` API to figure out which resources an apiserver can serve. +We will also need to make discover reports the same set of resources everywhere. We propose +routing discovery requests from old-apiservers to the new api-server, so that all discovery +requests reflect the newest one. We specifically rule out merging discovery docs, because +merging discovery is: + +* complicated +* represents an intermediate state which may not even make sense + +By routing all discovery requests to the newest apiserver, we can ensure that namespace and gc +controllers do the right thing, which is what they would be doing if the upgrade happened +instantaneously. + + API changes: * To the apiservices API, add an "serviceableBy" clause, a list of apiservers which believe they can serve the group-version. +* To the ??? API, we will add the public key for communication with an apiserver. API server change: * A controller adds the apiserver to the list of `serviceableBy`s for its built-in @@ -203,7 +217,11 @@ API server change: apiserver identity work.) * A new handler is added to the stack: - If the request is for a group/version the apiserver doesn't have locally, it - will proxy the request to ag `serviceableBy`s if one is available, if one is not available, then we will return a 503 (there is a small possibility of a race between the controller registering the apiserver with the resources it can serve and receiving a request for a resource that is not yet available on that apiserver). + will proxy the request to ag `serviceableBy`s if one is available, if one is not + available,then we will return a 503 (there is a possibility of a race + between the controller registering the apiserver with the resources it can + serve and receiving a request for a resource that is not yet available on + that apiserver). ### User Stories (Optional)