v1.14.0 Scheduled backup fails if namespace doesn't exist #7928
Comments
|
It seems the behavior was changed in #7431 by @ywk253100. While I agree that there should be some failure reporting if "--include-namespaces" references namespaces which do not exist, I don't agree that scheduled backups should be skipped entirely. This behavior is dangerous as the backup could be skipped without being recognized. IMHO the backup should be executed and the status should become |
phoenix-bjoern
changed the title
|
Ignoring this being in a schedule, has velero ever claimed that includedNamespaces can include namespaces that do not exists? If we ever implement wildcard/regex for namespaces to include #1874 then perhaps you could define that regex which I would expect would not fail a backup if no namespace exists. |
|
@kaovilai @phoenix-bjoern |
Right, referring to potential future implementation. 🤞 |
blackpiglet
added
the
Icebox
|
I prefer not to change this logic. The reason is marking backup as PartiallyFail on a non-existing namespace has been the existing behavior for quite some time. This PR introduces the behavior of marking backup as Until PR #6320 accidentally broke the check, then #7431 restored that behavior. |
|
@blackpiglet Not sure if I can follow. |
Same same. My suggestion is that if we ever support wildcard/regex, that it be a completely new field in the backup spec just for regex/wildcard support. Then the behavior to support this issue won't be breaking change. You'd have existing field for exact name, and new field for regex/wildcard. |
|
@kaovilai this issue is not about namespaces and regex/wildcards. It is about plain namespaces in schedules, which might be missing for whatever reason, and Velero v1.14.0 now doesn’t perform any backup. IMHO this is a critical issue and should be changed to a status „PartiallyFailed“ instead of „FailedValidation“ to ensure all other namespaces get backed up as intended by the schedule definition. |
|
I get the point about this not being regex.. I am simply suggesting that "if namespace don't exists, don't error" be part of the regex implementation in a new |
|
current available fields behavior is unlikely to change per #7928 (comment) |
|
@kaovilai hmm. I think PartiallyFailed is the longstanding Velero behavior. 1.12 introduced a regression that resulted in Completed rather than PartiallyFailed, but unfortunately the 1.14 fix resulted in FailedValidation backups rather than PartiallyFailed. Based on what @blackpiglet said above ("The reason is marking backup as PartiallyFail on a non-existing namespace has been the existing behavior for quite some time. |
|
@phoenix-bjoern @kaovilai @sseago If that's correct, I will create a PR to fix it. |
|
@blackpiglet CORRECT! Looking forward to your PR and happy to test it ❤️ |
|
@blackpiglet I think we're all in agreement now. Go ahead and create the PR. |
blackpiglet
removed
the
Icebox
|
@blackpiglet Do you plan to release this change as a new Velero version or should this change be considered as a bugfix for the v1.14 release? If it is a bugfix for v1.14 could you please merge the changes also to the release-1.14 branch? |
|
OK. I will create a cherry-pick PR to the release-1.14 |
|
@blackpiglet Confirming the solution works, thank you! |
|
@blackpiglet Thank you for the fix. Closing the ticket as the issue is resolved. Looking forward for the v1.14.1 release. |
What steps did you take and what happened:
Create a schedule and include a non-existing namespace:
What did you expect to happen:
Velero before v1.14.0 executed the backup without complaint. Velero v1.14.0 stops the scheduled backup instantly and sets the status
FailedValidationinstead of executing the backup and e.g. setting thePartiallyFailedstatus. This new behavior is dangerous (or even critical?) as scheduled backups become fragile and stop working as soon as a defined namespace doesn't exist anymore.The text was updated successfully, but these errors were encountered: