Cloud Computing 12 min read

OpenKruise v1.3 Highlights: Custom Probes, SidecarSet Upgrades, and Faster Scaling

OpenKruise v1.3 introduces the PodProbeMarker CRD for custom probes, adds new features to CloneSet, WorkloadSpread, Advanced DaemonSet, and SidecarSet—including historical version injection and pod annotation policies—while delivering significant performance gains for large‑scale clusters through queue optimizations and reduced CPU/memory usage.

Alibaba Cloud Native

Oct 9, 2022

OpenKruise v1.3 Highlights: Custom Probes, SidecarSet Upgrades, and Faster Scaling

OpenKruise v1.3, a CNCF Sandbox project, extends Kubernetes with new CRDs and controller capabilities for deployment, upgrade, and stability of cloud‑native applications. All features are delivered via standard CRDs and can be installed with a single Helm command on any Kubernetes 1.16+ cluster.

PodProbeMarker – Custom Probe CRD

Kubernetes provides three built‑in probes (Readiness, Liveness, Startup) with fixed semantics. OpenKruise adds the PodProbeMarker CRD, allowing users to define custom probe logic and expose the result in the Pod status, enabling use cases such as idle detection for game servers or role‑based upgrades for operators.

apiVersion: apps.kruise.io/v1alpha1
kind: PodProbeMarker
metadata:
  name: game-server-probe
  namespace: ns
spec:
  selector:
    matchLabels:
      app: game-server
  probes:
  - name: Idle
    containerName: game-server
    probe:
      exec: /home/game/idle.sh
      initialDelaySeconds: 10
      timeoutSeconds: 3
      periodSeconds: 10
      successThreshold: 1
      failureThreshold: 3
    markerPolicy:
    - state: Succeeded
      labels:
        gameserver-idle: "true"
      annotations:
        controller.kubernetes.io/pod-deletion-cost: "-10"
    - state: Failed
      labels:
        gameserver-idle: "false"
      annotations:
        controller.kubernetes.io/pod-deletion-cost: "10"
        podConditionType: game.io/idle

The probe result appears in the Pod’s status.conditions as a custom condition type (e.g., game.io/idle), with True for success and False for failure.

SidecarSet Enhancements

SidecarSet now records a ControllerRevision for containers, volumes, initContainers, imagePullSecrets, and patchPodMetadata. Users can select a specific revision during Pod creation, enabling safe gray‑release of sidecars.

apiVersion: apps.kruise.io/v1alpha1
kind: SidecarSet
metadata:
  name: sidecarset
spec:
  injectionStrategy:
    revisionName: specific-controllerRevision-name

Alternatively, a custom label apps.kruise.io/sidecarset-custom-version can be used to tag revisions and select them during injection.

apiVersion: apps.kruise.io/v1alpha1
kind: SidecarSet
metadata:
  name: sidecarset
  labels:
    apps.kruise.io/sidecarset-custom-version: version-2
spec:
  updateStrategy:
    partition: 90%
  injectionStrategy:
    customVersion: version-1

SidecarSet also supports injecting pod annotations with three policies:

Retain : inject only when the annotation does not exist.

Overwrite : replace existing annotation values.

MergePatchJson : merge JSON‑encoded annotation values.

apiVersion: apps.kruise.io/v1alpha1
kind: SidecarSet
spec:
  patchPodMetadata:
  - annotations:
      oom-score: '{"log-agent": 1}'
      custom.example.com/sidecar-configuration: '{"command": "/home/admin/bin/start.sh", "log-level": "3"}'
    patchPolicy: MergePatchJson
  - annotations:
      apps.kruise.io/container-launch-priority: Ordered
    patchPolicy: Overwrite

When using Overwrite or MergePatchJson, annotation changes are applied only during a sidecar container image upgrade; they are not applied by modifying annotations alone.

Advanced DaemonSet Image Pre‑download

Enabling the PreDownloadImageForDaemonSetUpdate feature gate causes the DaemonSet controller to pre‑pull new images on all nodes that host old Pods, accelerating gray‑release rollouts. Concurrency can be tuned via the apps.kruise.io/image-predownload-parallelism annotation.

apiVersion: apps.kruise.io/v1alpha1
kind: DaemonSet
metadata:
  annotations:
    apps.kruise.io/image-predownload-parallelism: "10"

CloneSet PreparingDelete Handling

By default, Pods in PreparingDelete are counted toward the replica count. Starting with v1.3, adding the label

apps.kruise.io/cloneset-scaling-exclude-preparing-delete: "true"

excludes such Pods from replica calculations, allowing immediate scaling actions without waiting for termination.

Advanced CronJob Time Zones

The new spec.timeZone field lets users specify any IANA time‑zone name (e.g., Asia/Shanghai) for schedule calculations, overriding the controller manager’s local time zone.

Other Notable Changes

Queue‑delay mechanism reduces CloneSet controller queue buildup, cutting initialization time by >80% (PR #1026).

PodUnavailableBudget event handler optimized to lower unrelated pod enqueues (PR #1027).

Advanced DaemonSet CPU/Memory usage reduced via caching (PR #1011).

Memory consumption lowered and DeepCopy issues fixed (PR #1015, #1068).

Full change details, authors, and commit history are available on the OpenKruise GitHub releases page.

Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.

performance Kubernetes CRD OpenKruise SidecarSet Custom Probe

Written by

Alibaba Cloud Native

We publish cloud-native tech news, curate in-depth content, host regular events and live streams, and share Alibaba product and user case studies. Join us to explore and share the cloud-native insights you need.

0 followers

Reader feedback

How this landed with the community

Rate this article

Was this worth your time?

Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.