allow annotation to specify shutdown pause #4313
Comments
|
I tried to use the dapr service instead of the sidecar address in the meantime, but at least the health endpoint ( |
|
This issue has been automatically marked as stale because it has not had activity in the last 60 days. It will be closed in the next 7 days unless it is tagged (pinned, good first issue, help wanted or triaged/resolved) or other activity occurs. Thank you for your contributions. |
|
This issue has been automatically closed because it has not had activity in the last 67 days. If this issue is still valid, please ping a maintainer and ask them to label it as pinned, good first issue, help wanted or triaged/resolved. Thank you for your contributions. |
|
Summarizing the approach: Stops new incoming messages right away for PubSub, Binding and Service Invocation. |
|
@artursouza |
|
I found |
|
sorry, I was completely out of the loop here. Yes I believe it does. Imagine a pubsub scenario where a messagehandler processes messages, and for each processed message, it needs to send a message to another queue (confirmation message). Each message might take between 10 seconds and 10 minutes to complete (this is real-life btw, we used dapr to respond to uploaded audio files that would vary a lot in file size and thus processing them also varied a lot). In this case I would set This is why I believe it's crucial to have the ability for dapr to somehow ask the "main app" if it's safe to stop. Dapr should exit as soon as the app container has exited - it doesn't make sense to have dapr around after the app container has quit. (This is what I experimented with in DAPS (https://github.com/trondhindenes/daps) and it worked quite well. Would ofc be much better to have that functionality in dapr itself) |
|
@trondhindenes check out Dapr health checks: https://docs.dapr.io/developing-applications/building-blocks/observability/app-health/. |
|
ah, nice. I guess the combination of |
|
@trondhindenes - Please check the draft PR #5562. It is in draft so that I can test thoroughly |
|
Hi, sorry for the late reply. I belive this issue is fixed now. I haven't verified it against the described use-case since I don't work on that project any more, but let's close this issue. I'll do some more testing when I have time, and if I discover anything iffy related to this I'll create a new issue (link to this one for history). |
|
okay-to-close |
|
I don't think I propose adding a |
|
Hi @JoshVanL Following the discussion in 7211, There is an interesting case for pubsub during shutdown which we found that Dapr doesn't permit the subscriber application to finish the last requests sent to the subscriber application, and the requests contexts are cancelled immediately, which the expectation was to enable the last requests to be processed and not to interrupt them (maybe worth defining a dedicated timeout mechanism for these last requests. |
|
Hi @husseineAtBay, indeed the intention is to cover this case (with my proposal) through |
|
Hi @JoshVanL just to verify I was clear, we are talking about the requests sent from dapr side car to the subscriber app to invoke our application in pub/sub use case, you described the other direction (subscriber app calls to dapr side car during shutdown). |
|
@husseineAtBay the other direction should also be covered, we make no distinction at this level- so long as your application is coded to continue to operate after a TERM signal has been received from Kubernetes up until it is ready to exit. |
Part of dapr/dapr#4313 Signed-off-by: joshvanl <me@joshvanl.dev>
Closes dapr#4313 Docs: dapr/docs#3893 PR adds the `--block-shutdown-seconds` CLI flag and corresponding `dapr.io/block-shutdown-seconds` Kubernetes annotation which configures Daprd to block the graceful shutdown procedure until _either_, the block shutdown seconds has elapsed _or_ the application has become unhealthy, as according to the normal app health status. By default, this option is unset, and therefore there is no effect to the current behaviour of graceful shutdown. When set, Daprd will block the interrupt signal cascading into runtime until the above requirements have been met. The framework process `Cleanup` order has been reversed to mimic `t.Cleanup` and allow the `logline` process to function correctly. Signed-off-by: joshvanl <me@joshvanl.dev>
* Adds Daprd option `--block-shutdown-seconds` Closes #4313 Docs: dapr/docs#3893 PR adds the `--block-shutdown-seconds` CLI flag and corresponding `dapr.io/block-shutdown-seconds` Kubernetes annotation which configures Daprd to block the graceful shutdown procedure until _either_, the block shutdown seconds has elapsed _or_ the application has become unhealthy, as according to the normal app health status. By default, this option is unset, and therefore there is no effect to the current behaviour of graceful shutdown. When set, Daprd will block the interrupt signal cascading into runtime until the above requirements have been met. The framework process `Cleanup` order has been reversed to mimic `t.Cleanup` and allow the `logline` process to function correctly. Signed-off-by: joshvanl <me@joshvanl.dev> * Revert if check on killing process exec proc cleanup Signed-off-by: joshvanl <me@joshvanl.dev> * Revert error ignore of processes already killed in unix Signed-off-by: joshvanl <me@joshvanl.dev> * Skip shutdown/graceful/block/healthy on windows. * Skip shutdown/block/unhealthy test on windows. * Linting Signed-off-by: joshvanl <me@joshvanl.dev> * Updates `dapr-block-shutdown-seconds` to `dapr-block-shutdown-duration` Signed-off-by: joshvanl <me@joshvanl.dev> --------- Signed-off-by: joshvanl <me@joshvanl.dev> Co-authored-by: Loong Dai <long.dai@intel.com>
* Adds Daprd option `--block-shutdown-seconds` Closes dapr#4313 Docs: dapr/docs#3893 PR adds the `--block-shutdown-seconds` CLI flag and corresponding `dapr.io/block-shutdown-seconds` Kubernetes annotation which configures Daprd to block the graceful shutdown procedure until _either_, the block shutdown seconds has elapsed _or_ the application has become unhealthy, as according to the normal app health status. By default, this option is unset, and therefore there is no effect to the current behaviour of graceful shutdown. When set, Daprd will block the interrupt signal cascading into runtime until the above requirements have been met. The framework process `Cleanup` order has been reversed to mimic `t.Cleanup` and allow the `logline` process to function correctly. Signed-off-by: joshvanl <me@joshvanl.dev> * Revert if check on killing process exec proc cleanup Signed-off-by: joshvanl <me@joshvanl.dev> * Revert error ignore of processes already killed in unix Signed-off-by: joshvanl <me@joshvanl.dev> * Skip shutdown/graceful/block/healthy on windows. * Skip shutdown/block/unhealthy test on windows. * Linting Signed-off-by: joshvanl <me@joshvanl.dev> * Updates `dapr-block-shutdown-seconds` to `dapr-block-shutdown-duration` Signed-off-by: joshvanl <me@joshvanl.dev> --------- Signed-off-by: joshvanl <me@joshvanl.dev> Co-authored-by: Loong Dai <long.dai@intel.com>
* Adds Daprd option `--block-shutdown-seconds` Closes dapr#4313 Docs: dapr/docs#3893 PR adds the `--block-shutdown-seconds` CLI flag and corresponding `dapr.io/block-shutdown-seconds` Kubernetes annotation which configures Daprd to block the graceful shutdown procedure until _either_, the block shutdown seconds has elapsed _or_ the application has become unhealthy, as according to the normal app health status. By default, this option is unset, and therefore there is no effect to the current behaviour of graceful shutdown. When set, Daprd will block the interrupt signal cascading into runtime until the above requirements have been met. The framework process `Cleanup` order has been reversed to mimic `t.Cleanup` and allow the `logline` process to function correctly. Signed-off-by: joshvanl <me@joshvanl.dev> * Revert if check on killing process exec proc cleanup Signed-off-by: joshvanl <me@joshvanl.dev> * Revert error ignore of processes already killed in unix Signed-off-by: joshvanl <me@joshvanl.dev> * Skip shutdown/graceful/block/healthy on windows. * Skip shutdown/block/unhealthy test on windows. * Linting Signed-off-by: joshvanl <me@joshvanl.dev> * Updates `dapr-block-shutdown-seconds` to `dapr-block-shutdown-duration` Signed-off-by: joshvanl <me@joshvanl.dev> --------- Signed-off-by: joshvanl <me@joshvanl.dev> Co-authored-by: Loong Dai <long.dai@intel.com>
In what area(s)?
/area runtime
Describe the feature
We're struggling with making dapr lifecycle robust, especially during shutdown. We have some pods that need a few seconds (up to 30) to shutdown, and during those 30 seconds, they require the dapr sidecar to be available so that messages can be sent. However, since these pods are in the "draining" state, we don't want them to receive more traffic
I propose that a new annotation is added:
dapr.io/shutdown-wait-secs. If specified, the sidecar is kept alive for the specified number of seconds, but only for outbound traffic (e.g. it will not pick up new messages etc).This annotation could be used to setup a
preStophook on the injected container and do something likecommand: ["/bin/sh", "-c", "/bin/dapr -c prepShutdown && sleep 30 && /bin/dapr -c doShutdown"]The point is that there needs to be a way to instruct dapr to go into "passive" mode where it will still forward messages to the queue etc, but not receive anything inbound. Without this it's very difficult to build a robust messaging system using dapr.
The text was updated successfully, but these errors were encountered: