[SPARK-27258][K8S]Deal with the k8s resource names that don't match their own regular expression

[hehuiyuan]

What changes were proposed in this pull request?

The regex of Pod is ^a-z0-9?(.a-z0-9?).
The regex of Servive is ^a-z?.
The regex of Secret is ^a-z0-9?(.a-z0-9?).

If --name=-min, the first character is '-' ,which does not satisfy the regex for Pod ,Service,Secret.
if --name=1min, the first character is digit, which does not satisfy the regex for Service.

Previous Conflict PR

[hehuiyuan]

@srowen @skonto Hi, let us solve this problem.
Can this be merged now?

[skonto]

it should be falling back to some default name. It is not necessarily the shorter if the preferred is invalid.

[hehuiyuan]

This is only a method for dealing with the invalid service name. If the name is invalid and we don't deal with it, the job only has a driver pod.

[skonto]

I am referring to the warning message could be made more specific and also the name of the variable shorterServiceName . Since it may be invalid and not shorter in some cases I would replace shorterServiceName with defaultServiceName. Anyway this is nit.

[hehuiyuan]

Oh，I got it!

[skonto]

Is the svc name valid in all cases according to com.google.common.net.InternetDomainName.isValid as mentioned in the other PR? It seems that the svc name which is up to 63 chars and has no dots in it matches a domain label (https://www.ietf.org/rfc/rfc3490.txt) so that method will cover the validation.

[hehuiyuan]

Is the svc name valid in all cases according to com.google.common.net.InternetDomainName.isValid as mentioned in the other PR? As it is now it seems valid according to the spec: https://en.wikipedia.org/wiki/Domain_name.

Now, fabric8 API has some limitations，

 public class Service implements HasMetadata {
    @NotNull
    @JsonProperty("apiVersion")
    private String apiVersion = "v1";
    @NotNull
    @JsonProperty("kind")
    private String kind = "Service";
    @JsonProperty("metadata")
    @Valid
    @CheckObjectMeta(
        regexp = "^[a-z]([-a-z0-9]*[a-z0-9])?$",
        max = 63
    )

@CheckObjectMeta( regexp = "^[a-z]([-a-z0-9]*[a-z0-9])?$", max = 63 )

[skonto]

Yeah I saw that when digging into it. It should be ok from what I read: https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/ "Assume a Service named foo in the Kubernetes namespace bar. A Pod running in namespace bar can look up this service by simply doing a DNS query for foo. A Pod running in namespace quux can look up this service by doing a DNS query for foo.bar." so it matches the domain label, that is why there are these limitations. @liyinan926 can you verify this?

[holdenk]

I don't understand the purpose of Character.isLetter here, we've already filtered this down to only allow [a-z0-9]

[skonto]

LGTM wrt validation part.

[hehuiyuan]

LGTM wrt validation part.

Hi , how is progress now?

In addition, is it planned to provide hostNetwork and dnsPolicy for PodSpec?

[srowen]

Is this still needed then, if you're simply validating and replacing the name if it starts with "-"?

[hehuiyuan]

Is this still needed then, if you're simply validating and replacing the name if it starts with "-"?

The '^-' is used for all kubernetes resources. If the resource name starts with "-",we replace it with "" ,which can run normally .

The service name that starts with 0-9 is replace.

[hehuiyuan]

?

[holdenk]

If we need to match the fabric8 regex bellow, shouldn't this be .replaceAll("^[^a-z]", "") to replace any leading/first non alpha character?

[srowen]

I don't know enough to evaluate; @skonto does this look reasonable at this point?

[hehuiyuan]

I don't know enough to evaluate; @skonto does this look reasonable at this point?

@srowen @skonto ?

[SparkQA]

Test build #4823 has finished for PR 24839 at commit 7ed72cb.

• This patch passes all tests.
• This patch merges cleanly.
• This patch adds no public classes.

[hehuiyuan]

？

[holdenk]

Jenkins ok to test

[holdenk]

Thanks for working on this, I've got a question about two of the checks I'd like to understand more.

[holdenk]

I don't understand the purpose of Character.isLetter here, we've already filtered this down to only allow [a-z0-9]

[holdenk]

If we need to match the fabric8 regex bellow, shouldn't this be .replaceAll("^[^a-z]", "") to replace any leading/first non alpha character?

[SparkQA]

Test build #110712 has finished for PR 24839 at commit 7ed72cb.

• This patch fails to generate documentation.
• This patch merges cleanly.
• This patch adds no public classes.

[SparkQA]

Kubernetes integration test starting
URL: https://amplab.cs.berkeley.edu/jenkins/job/SparkPullRequestBuilder-K8s/15868/

[hehuiyuan]

@holdenk Hi,
#24839 (comment)
this resourceNamePrefix is used for Pod and Secret and Service resource . But only Service resource is not used when the first character is digit.

#24839 (comment)

Character.isLetter is only used for Service .

[SparkQA]

Kubernetes integration test status success
URL: https://amplab.cs.berkeley.edu/jenkins/job/SparkPullRequestBuilder-K8s/15868/

[holdenk]

Hi @hehuiyuan I don't completely understand your response. Let me write my understanding and you can point out where we're not matching up:

So the resourceNamePrefix is (with the change) gauranteed to start with something in [a-z0-9].
The point of the Character.isLetter is to filter out anything that starts with a number for service because only service has that requirement. While Character.isLetter accepts more than just [a-z] the other things it accepts has already been filtered out so in practice this is the same as doing a regex check for ^[a-z].*

If that's the case maybe just add a comment about that, because it takes a bit of tracing through the code to build up that context.

[hehuiyuan]

Hi @hehuiyuan I don't completely understand your response. Let me write my understanding and you can point out where we're not matching up:

So the resourceNamePrefix is (with the change) gauranteed to start with something in [a-z0-9].
The point of the Character.isLetter is to filter out anything that starts with a number for service because only service has that requirement. While Character.isLetter accepts more than just [a-z] the other things it accepts has already been filtered out so in practice this is the same as doing a regex check for ^[a-z].*

If that's the case maybe just add a comment about that, because it takes a bit of tracing through the code to build up that context.

Hi, it is ok. All resources (Pod /Service / Secret ..) will start with the first character is [a-z].

The changes I've made are more detailed.

First, all resources (Pod \Service ..) is not supported that the first character of name is -.
Then the first character of Pod's name can be digit.

[github-actions]

We're closing this PR because it hasn't been updated in a while.
This isn't a judgement on the merit of the PR in any way. It's just
a way of keeping the PR queue manageable.

If you'd like to revive this PR, please reopen it!