Kubernetes API 调用秘密更新和 configmap 更新原子调用吗?
Are Kubernetes API calls secret update and configmap update atomic calls?
client.Secrets(namespace).Update(secret) 是原子调用吗?如果此调用以某种方式失败,存储在 Kubernetes API 服务器中的原始机密是否已损坏?
同样,core.ConfigMaps(namespace).Update(configmap) 是原子调用吗?如果此调用失败,现有配置映射是否已损坏?
根据 Kubernetes documentation 在有关服务器端应用的部分,您可以找到以下内容:
Changes to an object’s fields are tracked through a “field management“ mechanism. When a field’s value changes, ownership moves from its current manager to the manager making the change. When trying to apply an object, fields that have a different value and are owned by another manager will result in a conflict. This is done in order to signal that the operation might undo another collaborator’s changes. Conflicts can be forced, in which case the value will be overriden, and the ownership will be transfered.
以及一些关于 merge strategy.
的信息
Merge strategy
The merging strategy, implemented with Server Side Apply, provides a generally more stable object lifecycle. Server Side Apply tries to merge fields based on the fact who manages them instead of overruling just based on values. This way it is intended to make it easier and more stable for multiple actors updating the same object by causing less unexpected interference.
When a user sends a “fully-specified intent” object to the Server Side Apply endpoint, the server merges it with the live object favoring the value in the applied config if it is specified in both places. If the set of items present in the applied config is not a superset of the items applied by the same user last time, each missing item not managed by any other appliers is removed. For more information about how an object’s schema is used to make decisions when merging, see sigs.k8s.io/structured-merge-diff.
希望对您有所帮助。
编辑:
是的,apply and update 使用此功能。
Apply and Update
The two operation types considered by this feature are Apply
(PATCH
with content type application/apply-patch+yaml
) and
Update
(all other operations which modify the object). Both
operations update the managedFields
, but behave a little
differently.
For instance, only the apply operation fails on conflicts while update
does not. Also, apply operations are required to identify themselves
by providing a fieldManager
query parameter, while the query
parameter is optional for update operations. Finally, when using the
apply operation you cannot have managedFields
in the object that
is being applied.
client-go UPDATE是HTTP PUT,所以会replace对象,是原子操作。但是,在执行此操作时需要考虑一些情况,例如如果有多个客户端在同一个对象上操作......你应该查看这个链接的客户端示例和替代解决方案:
client.Secrets(namespace).Update(secret) 是原子调用吗?如果此调用以某种方式失败,存储在 Kubernetes API 服务器中的原始机密是否已损坏?
同样,core.ConfigMaps(namespace).Update(configmap) 是原子调用吗?如果此调用失败,现有配置映射是否已损坏?
根据 Kubernetes documentation 在有关服务器端应用的部分,您可以找到以下内容:
Changes to an object’s fields are tracked through a “field management“ mechanism. When a field’s value changes, ownership moves from its current manager to the manager making the change. When trying to apply an object, fields that have a different value and are owned by another manager will result in a conflict. This is done in order to signal that the operation might undo another collaborator’s changes. Conflicts can be forced, in which case the value will be overriden, and the ownership will be transfered.
以及一些关于 merge strategy.
的信息Merge strategy
The merging strategy, implemented with Server Side Apply, provides a generally more stable object lifecycle. Server Side Apply tries to merge fields based on the fact who manages them instead of overruling just based on values. This way it is intended to make it easier and more stable for multiple actors updating the same object by causing less unexpected interference.
When a user sends a “fully-specified intent” object to the Server Side Apply endpoint, the server merges it with the live object favoring the value in the applied config if it is specified in both places. If the set of items present in the applied config is not a superset of the items applied by the same user last time, each missing item not managed by any other appliers is removed. For more information about how an object’s schema is used to make decisions when merging, see sigs.k8s.io/structured-merge-diff.
希望对您有所帮助。
编辑: 是的,apply and update 使用此功能。
Apply and Update
The two operation types considered by this feature are
Apply
(PATCH
with content typeapplication/apply-patch+yaml
) andUpdate
(all other operations which modify the object). Both operations update themanagedFields
, but behave a little differently.For instance, only the apply operation fails on conflicts while update does not. Also, apply operations are required to identify themselves by providing a
fieldManager
query parameter, while the query parameter is optional for update operations. Finally, when using the apply operation you cannot havemanagedFields
in the object that is being applied.
client-go UPDATE是HTTP PUT,所以会replace对象,是原子操作。但是,在执行此操作时需要考虑一些情况,例如如果有多个客户端在同一个对象上操作......你应该查看这个链接的客户端示例和替代解决方案: