PDB Reaper

[eytan-avisror]

TBD:

• Documentation
• Event Publication

[kevdowney]

You're copying a lot of the same data into multiple maps/slices. It would be more efficient if you stored here just the namespace & name in this ReapablePodDisruptionBudgets slice as that's all that's required for the Delete call or use pointers *policyv1beta1.PodDisruptionBudget

[eytan-avisror]

Can you elaborate?
Data is copied a single time when it's added to the slice of PDBs when it's detected

[kevdowney]

It appears you store the full object policyv1beta1.PodDisruptionBudget in multiple places, maybe in a map you have the full object then you append it to the slice of ReapablePodDisruptionBudgets, instead of copying by value multiple places you can use refs or maybe have a slice of namespace/name of pdb b/c that slice is only used for a delete call where namespace and name are required only.

[shrinandj]

Misbehaving worker nodes are okay to be terminated because they are brought back by various autoscaling mechanisms. Misbehaving pods are okay to be terminated because various higher level objects (Deployments, replicasets, etc.) bring back the terminated pods. Nodes and pods can be considered ephemeral in that sense.

However, this is not true with PDBs. If PDBs are deleted, users will have to find ways of bringing them back. It might be okay if they use GitOPS but in non-gitops envs, objects getting deleted could be problematic.

Not sure what's a good answer for preventing misbehaving PDBs from stopping node drains though. If there was a way to temporarily disable these PDBs during upgrades, that would've been ideal.

[eytan-avisror]

Yes, I added a comment on the above in the individual readme

Since pdb-reaper will not recreate the PDBs it deletes, deletion is 
particularly useful in cases where GitOps is used, which can re-create the PDBs at a later time.

[eytan-avisror]

Users who just want visibility can run with --dry-run and avoid deletion (which will publish events as well)

[tekenstam]

Maybe a future enhancement would be to save the PDB and then restore it later, presumably after the node was successfully drained? But then pdbreaper would need to be triggered when a node is about to be drained so the 'bad' PDBs can be temporarily deleted, like maybe triggered by upgrade-manager or lifecycle-manager. This is essentially what is recommended by this GCP Anthos link.

[eytan-avisror]

This adds a lot of complexity, you would have to track node drains and figure out the right time to recreate - this is easy when doing this manually (such as the doc you linked), but doing it programmatically is much more complex ( complexity which we might not want to have).

[tekenstam]

Looks good. We might consider an enhancement to only delete "misconfigured" PDBs after some number of runs of pdbreaper.

[codecov]

Codecov Report

Merging #52 (4722fd6) into master (0b5d58b) will increase coverage by 2.39%.
The diff coverage is 67.80%.

@@            Coverage Diff             @@
##           master      #52      +/-   ##
==========================================
+ Coverage   55.42%   57.81%   +2.39%     
==========================================
  Files           4        7       +3     
  Lines         821     1183     +362     
==========================================
+ Hits          455      684     +229     
- Misses        317      416      +99     
- Partials       49       83      +34     

Impacted Files	Coverage Δ
pkg/reaper/nodereaper/types.go	100.00% <ø> (ø)
pkg/reaper/pdbreaper/types.go	27.58% <27.58%> (ø)
pkg/reaper/nodereaper/nodereaper.go	45.49% <59.67%> (-1.31%)	⬇️
pkg/reaper/pdbreaper/pdbreaper.go	71.14% <71.14%> (ø)
pkg/reaper/nodereaper/helpers.go	60.88% <78.94%> (+2.34%)	⬆️
pkg/reaper/podreaper/podreaper.go	75.59% <80.00%> (-1.07%)	⬇️
pkg/reaper/podreaper/types.go	100.00% <100.00%> (ø)
... and 4 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update f09bec8...4722fd6. Read the comment docs.