Hey everyone! I'm looking for some advice on how to deploy my gRPC services without any downtime. We have a bunch of microservices, and they interact with each other via gRPC calls. Our setup uses headless services (ClusterIP = None), which means we're handling client-side load balancing by resolving these services to their IPs and using round-robin. The Go gRPC library caches the DNS with a TTL of 30 seconds. Here's where the issue comes in: when I upgrade a pod (using helm upgrade), the updated pods get new IPs, but the client pods don't update their DNS right away. This leads to temporary connectivity loss when they can't reach the new IPs. I'm trying to minimize this downtime as much as possible. Has anyone faced a similar issue? What solutions did you find helpful? Just to add, I'm aware of linkerd and its benefits, but we might not implement it in the near term. Also, I'm not keen on setting minReadySeconds to 30 seconds since it could disrupt autoscaling. Thanks for any insights!
5 Answers
That's super interesting! I wonder why you opted for a headless service in the first place? Why not just go with a regular service that has a ClusterIP? That way, kube-proxy could handle the load balancing for you without these upgrade headaches.
I can totally relate; I've spent way too much time wrestling with this! The main issue is gRPC clients not automatically refreshing the IPs for new pods since there's no background task monitoring that. Here are a couple of workarounds that worked for me:
1. **Linkerd**: By far the simplest and quickest approach. It requires some setup but is really efficient and helps manage loads well, although it does bind you to one load-balancing method.
2. **Envoy Proxy**: We set up an Envoy instance in front of our pods to proactively watch for changes in pod IPs. It does require manual configurations for every service, but you can also template it. Expect a bit of a rocky start until you nail down the production parameters for Envoy.
We ended up using both methods based on our needs: Linkerd for simpler cases and Envoy for those requiring a bit more control. There are other options out there, but these were the most useful for my situation. I also explored xDS with gRPC clients but couldn't find solid documentation; that could be another avenue worth your time.
I’m not a fan of leaving things to chance with helm upgrades either. Have you thought about blue-green or A/B deployment strategies? This would let you test the new version before fully switching over, and you can just change the Cluster IP to point to the new deployment after you validate everything works fine.
I haven't completely figured this out, but maybe you could combine a higher `maxSurge` with a lifecycle `preStop` hook? This way, when you do a helm upgrade, Kubernetes can bring up the new pods while the old ones are still active. You could add a sleep command in the `preStop` that lets old pods continue to handle requests for about 30 seconds, giving clients some time to catch the new pod IPs. Just be aware it might slow down your rollouts and increase costs, plus I'm not sure how connection draining would work with this approach.
One quick fix could be to add a 1-minute sleep to the `preStop` lifecycle hook and bump up the termination grace period on the service itself. This way, it allows the old pods to stay active for a bit, letting DNS update and serve traffic while still sticking to the same old IPs during that transition period.
Related Questions
Set Wordpress Featured Image Using Javascript
How To Fix PHP Random Being The Same
Why no WebP Support with Wordpress
Replace Wordpress Cron With Linux Cron
Customize Yoast Canonical URL Programmatically
[Centos] Delete All Files And Folders That Contain a String