[stable/jenkins] Custom pod annotations trigger infinite loop

Question

[stable/jenkins] Custom pod annotations trigger infinite loop

mcandre opened this issue 3 years ago · comments

Describe the bug

I have a need to append an extra annotation on my Jenkins worker pods. In order to prevent istio from injecting sidecars into my worker pods. However, when I do this, then the job enters an infinite loop. There are conditions where Jenkins initiates jnlp container, then the actual worker container, then mistakenly the jnlp container, and again, forever. The job gets stuck in this loop.

A dummy command is usually necessary to prevent this loop, such as /bin/cat, in order for the worker container to override the silly default jnlp start command. Unfortunately, the istio annotation has the same effect as removing the /bin/cat command override: Infinite loop.

Jenkinsfile:

podTemplate(yaml: """
---
apiVersion: "v1"
kind: "Pod"
metadata:
  annotations:
    sidecar.istio.io/inject: "false"
spec:
  containers:
    - name: "docker-in-docker"
      image: "docker-in-docker:latest"
      imagePullPolicy: "Always"
      tty: true
      command: ["/bin/cat"] # Fix worker infinite recursion
      volumeMounts:
      - mountPath: "/var/run/docker.sock"
        name: "docker-socket-volume"
      securityContext:
        privileged: true
        runAsUser: 0
      restartPolicy: "Never"
  volumes:
  - name: "docker-socket-volume"
    hostPath:
      path: "/var/run/docker.sock"
      type: "File"
""") {
    node(POD_LABEL) {
        stage('Deploy') {
            container("docker-in-docker") {
                checkout scm
                sh """
                    docker build -t derp:latest .
                    docker rmi derp:latest
                """
            }
        }
    }
}

Version of Helm and Kubernetes:

$ helm version
version.BuildInfo{Version:"v3.5.4", GitCommit:"1b5edb69df3d3a08df77c9902dc17af864ff05d1", GitTreeState:"dirty", GoVersion:"go1.16.3"}

$ kubectl version
Client Version: version.Info{Major:"1", Minor:"20", GitVersion:"v1.20.4", GitCommit:"e87da0bd6e03ec3fea7933c4b5263d151aafd07c", GitTreeState:"clean", BuildDate:"2021-02-21T20:21:49Z", GoVersion:"go1.15.8", Compiler:"gc", Platform:"darwin/amd64"}
Server Version: version.Info{Major:"1", Minor:"19+", GitVersion:"v1.19.8-eks-96780e", GitCommit:"96780e1b30acbf0a52c38b6030d7853e575bcdf3", GitTreeState:"clean", BuildDate:"2021-03-10T21:32:29Z", GoVersion:"go1.15.8", Compiler:"gc", Platform:"linux/amd64"}

Which chart:

Jenkins

What happened:

Jobs enter an infinite loop.

What you expected to happen:

The normal job steps should execute.

How to reproduce it (as minimally and precisely as possible):

Use the Jenkinsfile above.

Anything else we need to know:

I am not sure if the problem is specific to the Helm chart for Jenkins, or possibly the Kubernetes Jenkins plugin. But the overall behavior is very bad. There are TWO DIFFERENT WAYS to trigger an infinite loop that blocks the job indefinitely.

Is the pod template YAML naively overriding some necessary annotations for Jenkins worker pods? Would merging the YAML fields together help to resolve this problem?

stale · Answer 1 · Wed Jul 21 2021 11:46:20 GMT+0800 (China Standard Time)

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Any further update will cause the issue/pull request to no longer be considered stale. Thank you for your contributions.

stale · Answer 2 · Sun Jan 09 2022 17:09:04 GMT+0800 (China Standard Time)

This issue is being automatically closed due to inactivity.