20230807_eci与swagent问题处置方式

tag: skywalking-swck-mutating-webhook-configuration

一、问题现象

使用ECI作为弹性容器过程当中因为阿里云ECI容器会对部署的pod触发patch annotation操作如下:

而在此eci 控制器patch 之前 skywalking-swck-controller-manager 控制器会对namespace 带标签swck-injection=enabled 与pod 带标签swck-java-agent-injected: "true" 的容器提前注入init容器。

由于eci控制器的patch 操作后于(目前推测)首次skywalking-swck-controller-manager的patch 操作。此时skywalking-swck-controller-manager控制器通过mutatingwebhookconfiguration 观测swagents 有对象有update动作,因此skywalking-swck-controller-manager会再次对已经patch的pod对象执行mutating 操作,patch 的内容为当前namesapce 定义的swagents.operator.skywalking.apache.org

image-20230807193634223

其中sharedVolumeName的 为emptyDir{} 的volume。

该对象会导致pod被创建过程当中 出现 如下错误:

6b506de6f3124cabd3de9ee4886c039d

swagent定义模板:

image-20230807193504185

二、处置方式

修改skywalking-swck-controller-manager注入逻辑operator/pkg/operator/injector/injection.go

image-20230807194322552

重新编译打包,上传至仓库,修改skywalking-swck-controller-manager deployment image地址:ssslkj123/skywalking-swck:v0.7.0-eci-fix

三、镜像重新构建打包方式

3.1.下载源码

1git clone https://github.com/apache/skywalking-swck.git
2git checkout  v0.7.0

3.2 修改编译镜像Dockerfile

 1# cat operator/Dockerfile
 2
 3FROM golang:1.17 as builder
 4
 5WORKDIR /workspace
 6# Copy the Go Modules manifests
 7COPY go.mod go.mod
 8COPY go.sum go.sum
 9# cache deps before building and copying source so that we don't need to re-download as much
10# and so that source changes don't invalidate our downloaded layer
11#ENV GOPROXY=https://mirrors.aliyun.com/goproxy/,direct
12ENV GOPROXY=https://goproxy.cn,direct
13RUN go mod download
14
15# Copy the go source
16COPY main.go main.go
17COPY apis/ apis/
18COPY controllers/ controllers/
19COPY pkg/ pkg/
20
21# Build
22RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o manager main.go
23
24# Use distroless as minimal base image to package the manager binary
25# Refer to https://github.com/GoogleContainerTools/distroless for more details
26FROM gengweifeng/gcr-io-distroless-static-nonroot:latest
27# FROM gcr.io/distroless/static:nonroot
28WORKDIR /
29COPY --from=builder /workspace/manager /manager
30USER 65532:65532
31
32ENTRYPOINT ["/manager"]

3.编译&安装

1# 安装 operator 代码生成工具
2go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.7.0
3# 编译
4make -C operator docker-build
5export IMAGE_BASE=ssslkj123/skywalking-swck:v0.7.0-eci-fix && docker tag controller:latest ${IMAGE_BASE} && docker push ${IMAGE_BASE}