implement issue-19 add prefer no schedule taint to avoid double draining of pods #250
Conversation
damoon
force-pushed
the
19-PreferNoSchedule
branch
from
31ed67c
to
79c2426
Compare
|
The test is failing because the taint code uses the update method, but RBAC does only include patching nodes. |
damoon
force-pushed
the
19-PreferNoSchedule
branch
from
79c2426
to
523dbba
Compare
|
it works now 😃 |
There was a problem hiding this comment.
First, allow me to thank you for this PR! Well thought out.
Please see my comments inline for the first part of the review (maybe a comment, and a little code change?) on the preferNoSchedule code location/behaviour.
Finally, I see a problem with the PR right now (maybe I am mistaken, could you clarify?):
This PR changes the state of the taint TaintEffectPreferNoSchedule regardless of not it was tained by kured. This is a problem for me, because one administrator might want to mark a node for NoSchedule for other reasons, and we might remove it without its approval. WDYT?
Only the taint "weave.works/kured-node-reboot" (by default) is added or remove by the new behavior. Other taints will be untouched. The code from https://github.com/damoon/kured/blob/19-PreferNoSchedule/cmd/kured/main.go#L326 until https://github.com/damoon/kured/blob/19-PreferNoSchedule/cmd/kured/main.go#L367 ensures only to add/remove this one taint. |
|
I was not sure who the code was organized. |
damoon
force-pushed
the
19-PreferNoSchedule
branch
4 times, most recently
from
0f60dba
to
bd21661
Compare
|
CI tested it, so I guess that's a good start. Should we extend smoke test to ensure that we can schedule a basic workload? (And maybe ensuring the behaviour of this PR?) |
|
I tested the parallel reboot of nodes and the taint creation/removal. |
|
i found an issue: once the testing is done is push the fix. |
damoon
force-pushed
the
19-PreferNoSchedule
branch
from
bd21661
to
6caf951
Compare
|
fixed and tested. works for me. |
There was a problem hiding this comment.
I left some minor comments below.
It would be good to mention this feature in the README.
I did not really follow the test / add patch stuff. Do you have a reference to some documentation explaining it, or another program that does the same? (kubectl taint does not appear to do it).
Also I think there is another corner case: if rebootRequired() goes from true to false the taint will not be removed until the end of the reboot window, or until restart of kured.
…ining) additional pods from other rebooting nodes
…aint name to an empty string.
damoon
force-pushed
the
19-PreferNoSchedule
branch
from
6caf951
to
3a35d6a
Compare
|
I updated the parameter section in README. For patches I found this https://dwmkerr.com/patching-kubernetes-resources-in-golang/ example and for I changed the behavior in case |
There was a problem hiding this comment.
I have added a question/comment to clarify our goals. I would prefer if this is clarified before merging. However, I don't think it's worth blocking this PR from merging if we don't get consensus.
Please note that I didn't test this patch. The code looks okay to me.
| } | ||
|
|
||
| if rebootBlocked(client, nodeID) { | ||
| continue |
There was a problem hiding this comment.
if the reboot is Blocked by a pod or prometheus, shouldn't we still unmark the node?
For me it means that this node was voluntarily put out of the loop by an administrator, even if the reboot is required during the maintenance window.
In this case, I think that rebootBlocked should also remove any existing NoSchedule taint.
On the other hand, one could argue that a node "out of the loop" shouldn't be touched at all.
In any case, this decision should be recorded somewhere (in a comment, or in the commit message).
There was a problem hiding this comment.
Being blocked by prometheus can be from a "pending" alert: in my case I see those come and go quite often.
So I think it would be bad to oscillate the taint; I would say once you need to reboot you shouldn't be scheduling new pods onto that node. (But it's only "preferred" so may get some if necessary).
Maybe we should make the taint "" by default, so people can choose to try out the feature and report back?
There was a problem hiding this comment.
I am fine with both parts of your answer.
There was a problem hiding this comment.
@damoon do you mind updating the taint to "" by default?
There was a problem hiding this comment.
Alternatively, we can merge this after 16.0, and I can do another PR with updating the default taint.
There was a problem hiding this comment.
I changed the flag to be disabled by default.
There was a problem hiding this comment.
Thinking about the rebootBlocked() cases.
Situation: A node that waits for a long time to reboot, but is blocked by other rebooting nodes. Then a pod, that blocks reboots, is scheduled onto that node.
A) The taint is remove. As a result even more work gets scheduled here, and needs to be drained again. This should be avoided.
B) The taint stays. As a result the nodes without the taint get a higher average load, even so this node can not reboot once it is its turn to do so. This should also be avoided.
The same should be true for prometheus alert.
My feeling is, to leave a node, that wants to reboot, but is blocked to do so, tainted. It expresses the intend best.
As mentioned, the taint is "only" preferred, and in case B i trust the kubernetes scheduler and resource requests enough for uneven load not be a real issue.
|
Nice work and thanks for hanging in there. Do you think you could add a note #295 about this feature? |
This implements #19
The idea is to set a prefer no schedule taint.
The taint is set when the reboot sentinel is found and removed after the restart.
In case the node can not restart immediately the taint asks the kubernetes scheduler to avoid placing new pods on the tainted node.
But this is only preferred, as a last resort the kubernetes scheduler does place pods onto the node.