inplace-update-the-past-present-and-future-picodaephui-jiong-nanore-zhang-zhen-mingshan-zhao-yuxing-yuan-alibaba-cloud.pdf

1、Inplace-update:the past,present and futureZhen Zhang&Yuxin Yuan Alibaba Cloud&OpenKruise maintainerInplace-update:the origin1.Cluster is locked after the load test2.Resource is highly consolidated3.Image of rich container is huge4.Service discovery of large scale pod recreate is challenging Recreate

2、 rolling update is not an option!And we are not aloneIn-place Update Concept Avoid additional cost of scheduling,allocating IP,allocating and mounting volumes，load volumes with data Faster image pulling,because of we can re-use most of image layers pulled by the old image and only to pull several ne

3、w layers When a container is in-place updating,the other containers in Pod will not be affected and remain running.Upstream KEP:In-place rolling updateInplace-update&Immutable infra.Immuable Infra with replacable partPod Container as the element of Immuable infraOnly inplace-update if possibleLimit

4、the replacable part to:ImageResource Use case Sidecar managementUpdate Sidecar(useful for hot update)Inject SidecarUse case:Image pre-download(1)Vanilla Pod creation：createscheduleattach/mount volumecni allotatepull image for sidecarstart sidecarpull image for appstart app(2)Pod creation with image

5、pre-downloadcreatescheduleattach/mount volumecni allotatestart sidecarpull image for appstart app1stbatch2ndbatch3rdbatch.Rolling 1stbatchPre-download image for batches after 1stbatch(3)inplace-update withPre-downloadin-place updatestart appchallenges and solution:updatable fieldsapiVersion:apps.kru

6、ise.io/v1alpha1kind:CloneSetspec:template:metadata:annotations:app-config:.the real env value.spec:containers:-name:appimage:app-image:v1env:-name:APP_CONFIGvalueFrom:fieldRef:fieldPath:metadata.annotationsapp-configfieldsMutable ReportedTrigger updateImageYYYAnnotationYNNEnvironmentCommandArgumentN