fix: prevent PreStop deadlock with two-stage drain signal mechanism

The previous implementation had a circular dependency where:
- User container PreStop waited for drain-complete file
- Queue-proxy only wrote drain-complete after receiving SIGTERM
- But SIGTERM was blocked waiting for PreStop to finish

This fix implements a two-stage drain signal:
1. Queue-proxy PreStop writes drain-started immediately on pod deletion
2. User container PreStop waits for drain-started (with 3s timeout for
safety)
3. Queue-proxy SIGTERM handler drains requests and writes drain-complete
4. User container waits for drain-complete before allowing termination

This ensures proper shutdown sequencing without deadlock while still
delaying user container termination until queue-proxy has drained.

Also includes cleanup of stale drain signal files on queue-proxy
startup.

feat: improve PreStop drain coordination with exponential backoff

- Replace fixed 3-second wait with exponential backoff (1, 2, 4, 8
seconds)
- Change drain-complete check interval from 0.1s to 1s to reduce CPU
usage
- Exit gracefully if drain-started is never detected after retries
- More robust handling of queue-proxy failures or slow PreStop execution

This provides better resilience against timing issues while reducing
unnecessary CPU usage during the wait loop.

test: add comprehensive integration tests for shutdown coordination

Add integration tests to verify the PreStop shutdown coordination works
correctly in various scenarios:

- Normal shutdown sequence with proper signal ordering
- Queue-proxy crash/failure scenarios
- High load conditions with many pending requests
- File system permission issues
- Race condition testing with 50 iterations
- Long-running requests that exceed typical drain timeout

These tests ensure the exponential backoff and two-stage drain signal
mechanism handles edge cases gracefully.

Run with: go test -tags=integration -race ./pkg/queue/sharedmain

refactor: extract drain signal paths and logic to shared constants

Based on PR review feedback, centralize drain signal configuration:

- Create pkg/queue/drain/signals.go with all drain-related constants
- Define signal file paths (DrainStartedFile, DrainCompleteFile)
- Extract shell script logic into BuildDrainWaitScript() function
- Define exponential backoff delays and check intervals as constants
- Update all references to use the new constants package

This improves code maintainability and makes it easier to modify
drain behavior in the future. All file paths and timing parameters
are now defined in a single location.

Author: elijah-rou

pkg/queue/drain/signals.go

@@ -0,0 +1,56 @@
+/*
+Copyright 2024 The Knative Authors
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package drain
+
+const (
+	// SignalDirectory is the directory where drain signal files are created
+	SignalDirectory = "/var/run/knative"
+
+	// DrainStartedFile indicates that pod termination has begun and queue-proxy is handling shutdown
+	DrainStartedFile = SignalDirectory + "/drain-started"
+
+	// DrainCompleteFile indicates that queue-proxy has finished draining requests
+	DrainCompleteFile = SignalDirectory + "/drain-complete"
+
+	// DrainCheckInterval is how often to check for drain completion
+	DrainCheckInterval = "1" // seconds
+
+	// ExponentialBackoffDelays are the delays in seconds for checking drain-started file
+	// Total max wait time: 1+2+4+8 = 15 seconds
+	ExponentialBackoffDelays = "1 2 4 8"
+)
+
+// BuildDrainWaitScript generates the shell script for waiting on drain signals.
+// If existingCommand is provided, it will be executed before the drain wait.
+func BuildDrainWaitScript(existingCommand string) string {
+	drainLogic := `for i in ` + ExponentialBackoffDelays + `; do ` +
+		`  if [ -f ` + DrainStartedFile + ` ]; then ` +
+		`    until [ -f ` + DrainCompleteFile + ` ]; do sleep ` + DrainCheckInterval + `; done; ` +
+		`    exit 0; ` +
+		`  fi; ` +
+		`  sleep $i; ` +
+		`done; ` +
+		`exit 0`
+
+	if existingCommand != "" {
+		return existingCommand + "; " + drainLogic
+	}
+	return drainLogic
+}
+
+// QueueProxyPreStopScript is the script executed by queue-proxy's PreStop hook
+const QueueProxyPreStopScript = "touch " + DrainStartedFile

pkg/queue/drain/signals_test.go

@@ -0,0 +1,242 @@
+/*
+Copyright 2024 The Knative Authors
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package drain
+
+import (
+	"strings"
+	"testing"
+)
+
+func TestConstants(t *testing.T) {
+	tests := []struct {
+		name     string
+		got      string
+		expected string
+	}{
+		{
+			name:     "SignalDirectory",
+			got:      SignalDirectory,
+			expected: "/var/run/knative",
+		},
+		{
+			name:     "DrainStartedFile",
+			got:      DrainStartedFile,
+			expected: "/var/run/knative/drain-started",
+		},
+		{
+			name:     "DrainCompleteFile",
+			got:      DrainCompleteFile,
+			expected: "/var/run/knative/drain-complete",
+		},
+		{
+			name:     "DrainCheckInterval",
+			got:      DrainCheckInterval,
+			expected: "1",
+		},
+		{
+			name:     "ExponentialBackoffDelays",
+			got:      ExponentialBackoffDelays,
+			expected: "1 2 4 8",
+		},
+		{
+			name:     "QueueProxyPreStopScript",
+			got:      QueueProxyPreStopScript,
+			expected: "touch /var/run/knative/drain-started",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if tt.got != tt.expected {
+				t.Errorf("got %q, want %q", tt.got, tt.expected)
+			}
+		})
+	}
+}
+
+func TestBuildDrainWaitScript(t *testing.T) {
+	tests := []struct {
+		name            string
+		existingCommand string
+		wantContains    []string
+		wantExact       bool
+	}{
+		{
+			name:            "without existing command",
+			existingCommand: "",
+			wantContains: []string{
+				"for i in 1 2 4 8",
+				"if [ -f /var/run/knative/drain-started ]",
+				"until [ -f /var/run/knative/drain-complete ]",
+				"sleep 1",
+				"sleep $i",
+				"exit 0",
+			},
+			wantExact: false,
+		},
+		{
+			name:            "with existing command",
+			existingCommand: "echo 'custom prestop'",
+			wantContains: []string{
+				"echo 'custom prestop'",
+				"for i in 1 2 4 8",
+				"if [ -f /var/run/knative/drain-started ]",
+				"until [ -f /var/run/knative/drain-complete ]",
+				"sleep 1",
+				"sleep $i",
+				"exit 0",
+			},
+			wantExact: false,
+		},
+		{
+			name:            "with complex existing command",
+			existingCommand: "/bin/sh -c 'kill -TERM 1 && wait'",
+			wantContains: []string{
+				"/bin/sh -c 'kill -TERM 1 && wait'",
+				"for i in 1 2 4 8",
+				"if [ -f /var/run/knative/drain-started ]",
+				"until [ -f /var/run/knative/drain-complete ]",
+			},
+			wantExact: false,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got := BuildDrainWaitScript(tt.existingCommand)
+
+			for _, want := range tt.wantContains {
+				if !strings.Contains(got, want) {
+					t.Errorf("BuildDrainWaitScript() missing expected substring %q\nGot: %q", want, got)
+				}
+			}
+
+			// Verify the command structure
+			if tt.existingCommand != "" {
+				// Should start with the existing command
+				if !strings.HasPrefix(got, tt.existingCommand+"; ") {
+					t.Errorf("BuildDrainWaitScript() should start with existing command followed by '; '\nGot: %q", got)
+				}
+			}
+
+			// Verify the script ends with exit 0
+			if !strings.HasSuffix(got, "exit 0") {
+				t.Errorf("BuildDrainWaitScript() should end with 'exit 0'\nGot: %q", got)
+			}
+		})
+	}
+}
+
+func TestBuildDrainWaitScriptStructure(t *testing.T) {
+	// Test the exact structure of the generated script without existing command
+	got := BuildDrainWaitScript("")
+	expected := "for i in 1 2 4 8; do " +
+		"  if [ -f /var/run/knative/drain-started ]; then " +
+		"    until [ -f /var/run/knative/drain-complete ]; do sleep 1; done; " +
+		"    exit 0; " +
+		"  fi; " +
+		"  sleep $i; " +
+		"done; " +
+		"exit 0"
+
+	if got != expected {
+		t.Errorf("BuildDrainWaitScript(\"\") structure mismatch\nGot:      %q\nExpected: %q", got, expected)
+	}
+}
+
+func TestBuildDrainWaitScriptWithCommandStructure(t *testing.T) {
+	// Test the exact structure of the generated script with existing command
+	existingCmd := "echo 'test'"
+	got := BuildDrainWaitScript(existingCmd)
+	expected := "echo 'test'; for i in 1 2 4 8; do " +
+		"  if [ -f /var/run/knative/drain-started ]; then " +
+		"    until [ -f /var/run/knative/drain-complete ]; do sleep 1; done; " +
+		"    exit 0; " +
+		"  fi; " +
+		"  sleep $i; " +
+		"done; " +
+		"exit 0"
+
+	if got != expected {
+		t.Errorf("BuildDrainWaitScript with command structure mismatch\nGot:      %q\nExpected: %q", got, expected)
+	}
+}
+
+func TestBuildDrainWaitScriptEdgeCases(t *testing.T) {
+	tests := []struct {
+		name            string
+		existingCommand string
+		checkFunc       func(t *testing.T, result string)
+	}{
+		{
+			name:            "empty string produces valid script",
+			existingCommand: "",
+			checkFunc: func(t *testing.T, result string) {
+				if result == "" {
+					t.Error("BuildDrainWaitScript(\"\") should not return empty string")
+				}
+				if !strings.Contains(result, "for i in") {
+					t.Error("BuildDrainWaitScript(\"\") should contain for loop")
+				}
+			},
+		},
+		{
+			name:            "command with semicolon",
+			existingCommand: "cmd1; cmd2",
+			checkFunc: func(t *testing.T, result string) {
+				if !strings.HasPrefix(result, "cmd1; cmd2; ") {
+					t.Error("BuildDrainWaitScript should preserve command with semicolons")
+				}
+			},
+		},
+		{
+			name:            "command with special characters",
+			existingCommand: "echo '$VAR' && test -f /tmp/file",
+			checkFunc: func(t *testing.T, result string) {
+				if !strings.HasPrefix(result, "echo '$VAR' && test -f /tmp/file; ") {
+					t.Error("BuildDrainWaitScript should preserve special characters")
+				}
+			},
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			result := BuildDrainWaitScript(tt.existingCommand)
+			tt.checkFunc(t, result)
+		})
+	}
+}
+
+func BenchmarkBuildDrainWaitScript(b *testing.B) {
+	testCases := []struct {
+		name    string
+		command string
+	}{
+		{"NoCommand", ""},
+		{"SimpleCommand", "echo test"},
+		{"ComplexCommand", "/bin/sh -c 'kill -TERM 1 && wait'"},
+	}
+
+	for _, tc := range testCases {
+		b.Run(tc.name, func(b *testing.B) {
+			for range b.N {
+				_ = BuildDrainWaitScript(tc.command)
+			}
+		})
+	}
+}

pkg/queue/sharedmain/main.go

@@ -49,6 +49,7 @@ import (
 	"knative.dev/serving/pkg/observability"
 	"knative.dev/serving/pkg/queue"
 	"knative.dev/serving/pkg/queue/certificate"
+	"knative.dev/serving/pkg/queue/drain"
 	"knative.dev/serving/pkg/queue/readiness"
 )
 
@@ -273,8 +274,9 @@ func Main(opts ...Option) error {
 
 	logger.Info("Starting queue-proxy")
 
-	// Clean up any stale drain signal file from previous runs
-	os.Remove("/var/run/knative/drain-complete")
+	// Clean up any stale drain signal files from previous runs
+	os.Remove(drain.DrainStartedFile)
+	os.Remove(drain.DrainCompleteFile)
 
 	errCh := make(chan error)
 	for name, server := range httpServers {
@@ -322,14 +324,16 @@ func Main(opts ...Option) error {
 		for range ticker.C {
 			if pendingRequests.Load() <= 0 {
 				logger.Infof("Drain: all pending requests completed")
-				// Write drain signal file for PreStop hooks to detect
-				if err := os.WriteFile("/var/run/knative/drain-complete", []byte(""), 0o600); err != nil {
-					logger.Errorw("Failed to write drain signal file", zap.Error(err))
-				}
 				break WaitOnPendingRequests
 			}
 		}
 
+		// Write drain-complete signal file after draining is done
+		// This signals to user containers that queue-proxy has finished draining
+		if err := os.WriteFile(drain.DrainCompleteFile, []byte(""), 0o600); err != nil {
+			logger.Errorw("Failed to write drain-complete signal file", zap.Error(err))
+		}
+
 		for name, srv := range httpServers {
 			logger.Info("Shutting down server: ", name)
 			if err := srv.Shutdown(context.Background()); err != nil {