Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validate cluster N times in rolling-update #8868

Merged
merged 2 commits into from
Apr 8, 2020
Merged

Validate cluster N times in rolling-update #8868

merged 2 commits into from
Apr 8, 2020

Conversation

zetaab
Copy link
Member

@zetaab zetaab commented Apr 7, 2020
edited
Loading

We are still seeing lots of rolling update errors in case of cluster validation after instance roll.

Example:

I0407 16:41:39.366581 85 instancegroups.go:255] Cluster validated; revalidating in 10s to make sure it does not flap.
I0407 16:42:00.200357 85 instancegroups.go:271] Cluster validated.
master not healthy after update, stopping rolling-update: "cluster \"updateospr-f95a75.k8s.local\" did not pass validation: kube-system pod \"kube-apiserver-master-zone-1-1-1-updateospr-f95a75-k8s-local\" is pending"
I0407 16:42:17.290824 1 batch.go:902] error running kops rolling-update cluster --bastion-interval 2m --instance-group bastions,master-zone-1-1,master-zone-2-1,master-zone-3-1,nodes-z1,nodes-z2,nodes-z3 --validation-timeout 20m --yes

Disclaimer: we are running e2e tests quite heavily against kops. We are doing something like 20-50 rolling updates per day for clusters.

cc @hakman @johngmyers could you guys check this.

@k8s-ci-robot k8s-ci-robot added do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. area/rolling-update labels Apr 7, 2020
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: zetaab

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Apr 7, 2020
zetaab
zetaab commented Apr 7, 2020
View reviewed changes
cmd/kops/rollingupdatecluster.go
// TODO should we expose this to the UI?
ValidateTickDuration: 30 * time.Second,
ValidateSuccessDuration: 10 * time.Second,
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this was not exposed to CLI, so as I see it - its easy to delete

@johngmyers
Copy link
Member

Could we get details on why things are flapping? Did the kube-apiserver pod not exist when the cluster validated earlier? Do we need to explicitly check for it like we now do for controller-manager?

@zetaab
Copy link
Member Author

zetaab commented Apr 8, 2020

in my opinion checking individual pods is not maybe the best option because kube-system namespace can contain any pods which should be checked. That is why generic retry logic is better than checking individual pod

@zetaab zetaab changed the title WIP: validate cluster n times in rolling update Validate cluster n times in rolling update Apr 8, 2020
@k8s-ci-robot k8s-ci-robot removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Apr 8, 2020
@zetaab zetaab changed the title Validate cluster n times in rolling update Validate cluster N times in rolling-update Apr 8, 2020
@zetaab
Copy link
Member Author

zetaab commented Apr 8, 2020

@hakman fixed

@hakman
Copy link
Member

hakman commented Apr 8, 2020

Cool. Thanks @zetaab.
/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Apr 8, 2020
@hakman
Copy link
Member

hakman commented Apr 8, 2020

/retest

@k8s-ci-robot k8s-ci-robot merged commit 1e11c25 into kubernetes:master Apr 8, 2020
@k8s-ci-robot k8s-ci-robot added this to the v1.18 milestone Apr 8, 2020
@zetaab zetaab deleted the feature/validateNtimes branch April 9, 2020 06:55
johngmyers
johngmyers reviewed Apr 10, 2020
View reviewed changes
Copy link
Member

@johngmyers johngmyers left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As I read the code, only the first instancegroup with unready nodes will get the effect of the new flag. Subsequent instancegroups will continue after a single successful validation, a reduction from the previous behavior.

pkg/instancegroups/rollingupdate.go
ValidateCount int32

// ValidateSucceeded is the amount of times that a cluster validate is succeeded already
ValidateSucceeded int32
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is this public?

pkg/instancegroups/instancegroups.go
klog.Infof("Cluster validated; revalidating in %s to make sure it does not flap.", c.ValidateSuccessDuration)
time.Sleep(c.ValidateSuccessDuration)
result, err = c.ClusterValidator.Validate()
if err == nil && len(result.Failures) == 0 && c.ValidateCount > 0 {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why the c.ValidateCount > 0 check? It seems unnecessary.

pkg/instancegroups/instancegroups.go
@@ -430,10 +430,12 @@ func (c *RollingUpdateCluster) validateClusterWithDuration(duration time.Duratio
func (c *RollingUpdateCluster) tryValidateCluster(duration time.Duration) bool {
result, err := c.ClusterValidator.Validate()

if err == nil && len(result.Failures) == 0 && c.ValidateSuccessDuration > 0 {
klog.Infof("Cluster validated; revalidating in %s to make sure it does not flap.", c.ValidateSuccessDuration)
time.Sleep(c.ValidateSuccessDuration)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why did you remove the sleep?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

when we return false, it will go back to previous function which do have sleep already

@zetaab
Copy link
Member Author

zetaab commented Apr 10, 2020

@johngmyers imo your comment is not true, I tested this. In case of all instancegroups it will loop through validatecount

justinsb added a commit to justinsb/kops that referenced this pull request Apr 17, 2020
@justinsb
Rolling-update validation harmonization
aa8edc9 
This is a follow-on to kubernetes#8868; I believe the intent of that was to
expose the option to do more (or fewer) retries.

We previously had a single retry to prevent flapping; this basically
unifies the previous behaviour with the idea of making it
configurable.

* validate-count=0 effectively turns off validation.

* validate-count=1 will do a single validation, without flapping
  detection.

* validate-count>=2 will require N succesful validations in a row,
waiting ValidateSuccessDuration in between.

A nice side-effect of this is that the tests now explicitly specify
ValidateCount=1 instead of setting ValidateSuccessDuration=0, which
had the side effect of doing the equivalent to ValidateCount=1.
justinsb added a commit to justinsb/kops that referenced this pull request Apr 17, 2020
@justinsb
Rolling-update validation harmonization
ffb6cd6 
This is a follow-on to kubernetes#8868; I believe the intent of that was to
expose the option to do more (or fewer) retries.

We previously had a single retry to prevent flapping; this basically
unifies the previous behaviour with the idea of making it
configurable.

* validate-count=0 effectively turns off validation.

* validate-count=1 will do a single validation, without flapping
  detection.

* validate-count>=2 will require N succesful validations in a row,
waiting ValidateSuccessDuration in between.

A nice side-effect of this is that the tests now explicitly specify
ValidateCount=1 instead of setting ValidateSuccessDuration=0, which
had the side effect of doing the equivalent to ValidateCount=1.
@justinsb justinsb mentioned this pull request Apr 17, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@johngmyers johngmyers johngmyers left review comments

@hakman hakman hakman left review comments

@joshbranham joshbranham Awaiting requested review from joshbranham

@robinpercy robinpercy Awaiting requested review from robinpercy

Assignees

@hakman hakman

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/documentation area/rolling-update cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
v1.18
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@zetaab @k8s-ci-robot @johngmyers @hakman