In k8s some objects are owned (Dependents) and others are owners (e.g., Deployments own ReplicaSets, which own Pods.) Dependent objects have the metadata.ownerReferences field which stores the name and UID of the owner object.
In mechanism this is different from the Labels1 metadata primitive since labels are used by managing controllers2 to determine which objects should be managed, and ownerReferences are used to determine which objects must be removed when an owner is marked for deletion.
By default, k8s sets the ownerReferences.blockOwnerDeletion field to true, whenever a controller sets the value of the metadata.ownerReferences field in a dependent. In a foreground deletion3, only dependents with blockOwnerDeletion=true and that are in the garbage collection controller cache prevent the owner from being deleted until those dependents are removed first. However, the default deletion behaviour in k8s is “background” — the owner is deleted immediately and dependents are removed post-factum while satisfying existing finalizers4.
Sources
- https://kubernetes.io/docs/concepts/overview/working-with-objects/owners-dependents/
- https://kubernetes.io/docs/concepts/architecture/garbage-collection/
Footnotes
-
See k8s controllers. ↩
-
See Finalizers in k8s. ↩