Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: 1.4.0.GA
Affects Version/s: 1.2.0.GA
Component/s: None
Labels:
None

Story Points:
0
Target Release:

1.4.0.GA
Workaround Description:

Hide

The workaround is to avoid terminating a Kafka and a Zookeeper pod at the same time.
However, it is difficult to use customized PodDisruptionBudget due to [ENTMQST-1412]Provide a way to disable default podDisruptionBudget. So the workaround is the manual operation only.

Show
The workaround is to avoid terminating a Kafka and a Zookeeper pod at the same time. However, it is difficult to use customized PodDisruptionBudget due to [ENTMQST-1412]Provide a way to disable default podDisruptionBudget . So the workaround is the manual operation only.
Steps to Reproduce:
Hide

In the case of upgrading a OpenShift cluster or executing drain command, this problem can happen. Because a Kafka pod and a Zookeeper pod can terminate at the same time.

The following procedure confirms that there can be no ESTABLISHED connection.

Show ESTABLISHED connection count

oc rsh -c tls-sidecar my-cluster-kafka-0 while true; do echo -n `date +"[%m-%d %H:%M:%S]"`; echo -n " : "; netstat -ant | grep -w

restart Zookeeper ensemble

=> ESTABLISHED connection count will be sometime 0. And If Kafka pod is terminated at this timing, the tls-sidecar can terminate earlier than Kafka container itself, and Kafka container cannot terminate glacefully.
Show
In the case of upgrading a OpenShift cluster or executing drain command, this problem can happen. Because a Kafka pod and a Zookeeper pod can terminate at the same time. The following procedure confirms that there can be no ESTABLISHED connection. Show ESTABLISHED connection count oc rsh -c tls-sidecar my-cluster-kafka-0 while true ; do echo -n `date + "[%m-%d %H:%M:%S]" `; echo -n " : " ; netstat -ant | grep -w restart Zookeeper ensemble => ESTABLISHED connection count will be sometime 0. And If Kafka pod is terminated at this timing, the tls-sidecar can terminate earlier than Kafka container itself, and Kafka container cannot terminate glacefully.

Sprint:
2019.13, 2019.14, 2019.15, 2020.1, 2020.2

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

tls-sidecar can terminate earlier than Kafka container itself

tls-sidecar check only the ESTABLISHED connection count in `kafka_stunnel_pre_stop.sh`
So If stopping a Kafka pod when there is no connection to zookeeper, the tls-sidecar in Kafk pod can terminate earlier than Kafka container itself.
And the Kafka container cannot graceful shutdown.

In the case of upgrading OpenShift cluster or executing drain command, this problem can happen. Because a Kafka pod and a Zookeeper pod can terminate at the same time.

relates to

ENTMQST-683 The TLS sidecar should always shutdown as the last container of the pod

Closed

ENTMQST-1410 [DOC OCP] Provide a procedure for graceful AMQ Streams restart when upgrading OpenShift

Closed

ENTMQST-1412 Provide a way to disable default podDisruptionBudget

Closed

Assignee:: Unassigned

Reporter:: Tomonari Yamashita

Tester:: Jakub Stejskal

Votes:: 1 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2019/10/17 6:24 AM

Updated:: 2023/09/07 11:41 PM

Resolved:: 2020/02/11 2:46 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates