The base of this repo was originally forked from github.com/trstringer/k8s-controller-core-resource
This is a custom Kubernetes controller for the purpose of watching running pods, and sending a SIGTERM to sidecar containers when the "main" application container has exited (and the sidecars are the only non-terminated containers).
This is a response to kubernetes/kubernetes#25908.
- Deploy the controller into your cluster.
- Add the
riskified.com/sidecarsannotation to your pods, with a comma-seperated list of sidecar container names.
Example:
---
apiVersion: batch/v1beta1
kind: CronJob
metadata:
name: test-job
spec:
schedule: "*/5 * * * *"
startingDeadlineSeconds: 240
failedJobsHistoryLimit: 5
successfulJobsHistoryLimit: 1
concurrencyPolicy: "Replace"
jobTemplate:
spec:
activeDeadlineSeconds: 300 # 5 min
template:
metadata:
annotations:
sidecar-terminator/sidecars: istio-proxy
spec:
restartPolicy: Never
containers:
- name: test-job
image: ubuntu:latest
command: ["sleep", "5"]