DaemonSet fails to scale down during the rolling update when maxUnavailable=0
#118823
Comments
/sig scheduling

The new pod should be pending when you change to any other toleration, because the master has

@olderTaoist: Sorry, I don't quite understand what you are trying to say. Can you please rephrase it?

This seems like a bug in the DS surge logic: the old pod is not being removed because the taint is NoSchedule only, and the surge logic presumes that the pods that are there are surgeable without re-checking the scheduling aspect.

/remove-sig scheduling

I'll try to fix it.
/assign
Hi @alebedev87, you expect that:

However, if the master has the taint:

- effect: NoSchedule
  key: node-role.kubernetes.io/master

I think the old

For example:

↓ Update DaemonSet
From the Taint section of the Kubernetes documentation,

So if the master has the taints:

- effect: NoExecute
  key: node-role.kubernetes.io/control-plane
- effect: NoSchedule
  key: node-role.kubernetes.io/control-plane

For example:

↓ Update DaemonSet

What do you think about that?
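The distinction between the two taint effects above can be illustrated with a hypothetical tolerations fragment (this is my sketch, not from the issue; the keys match the taints quoted above):

```yaml
# Sketch of a DaemonSet template fragment. On a control-plane node that
# carries both the NoExecute and the NoSchedule taint, tolerating only
# one effect is not enough for the pod to run there, so both are listed.
spec:
  template:
    spec:
      tolerations:
      - key: node-role.kubernetes.io/control-plane
        operator: Exists
        effect: NoExecute
      - key: node-role.kubernetes.io/control-plane
        operator: Exists
        effect: NoSchedule
```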
I've created #119317 according to the above. |
@mochizuki875: I think I'm fine with the approach of keeping the old pods on the master nodes if the master nodes don't have the
Hi @alebedev87,
Thanks for your consent.
I've noticed that too.

FYI: the implementation of updating is in kubernetes/pkg/controller/daemon/daemon_controller.go, lines 1160 to 1171 (at b2a9c06).

In this case, by updating

You can see

So in this case, I think it is no problem that the desired number of pods changes from 6 to 3, and 6 daemon pods (3 pods on the workers are managed by

You can see the similar case if you update
In my opinion, we should remove the old pods that are running from the old revision when the NoSchedule tolerations or taints change. I think the rollout aspect and consistency of the DS take precedence over the scheduling aspect. We are interested in running the new revision, not in keeping old revisions running on currently unschedulable nodes. This applies to the

Reproducibility/predictability is also an issue: if you delete the updated DS and create the same DS, you should achieve the same state of the cluster.

Please also take a look at #119317 (review).
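The check being argued for above could be sketched roughly as follows. This is my own illustration of the idea, not the real controller code: the types are simplified stand-ins for the Kubernetes API structs, and `shouldDeleteOldPod` is a hypothetical helper name.

```go
// Sketch: before treating an existing DaemonSet pod as "surgeable",
// re-check that the NEW template still tolerates the node's NoSchedule
// taints; if not, the old pod should be deleted instead of kept.
package main

import "fmt"

type Taint struct{ Key, Effect string }
type Toleration struct{ Key, Effect string }

// tolerates reports whether any toleration matches the taint's key and
// effect (an empty toleration effect matches all effects).
func tolerates(tols []Toleration, t Taint) bool {
	for _, tol := range tols {
		if tol.Key == t.Key && (tol.Effect == "" || tol.Effect == t.Effect) {
			return true
		}
	}
	return false
}

// shouldDeleteOldPod returns true when the node carries a NoSchedule
// taint that the updated template no longer tolerates.
func shouldDeleteOldPod(nodeTaints []Taint, newTols []Toleration) bool {
	for _, t := range nodeTaints {
		if t.Effect == "NoSchedule" && !tolerates(newTols, t) {
			return true
		}
	}
	return false
}

func main() {
	master := []Taint{{Key: "node-role.kubernetes.io/master", Effect: "NoSchedule"}}
	oldTols := []Toleration{{Key: "node-role.kubernetes.io/master", Effect: "NoSchedule"}}
	newTols := []Toleration{{Key: "example.com/other", Effect: "NoSchedule"}}
	fmt.Println(shouldDeleteOldPod(master, oldTols)) // false: still tolerated, surge normally
	fmt.Println(shouldDeleteOldPod(master, newTols)) // true: delete the old pod
}
```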
Thank you for your comment.
What happened?
I have a DaemonSet with the rolling update strategy. The `maxSurge` parameter is set to a non-zero value, which means that the `maxUnavailable` parameter is set to `0`. When I replace the toleration in the DaemonSet's template spec from the one which allowed it to be scheduled on the master nodes to any other toleration, I see the new pods still trying to be scheduled on the master nodes. The old pods from the tolerated nodes may be lucky enough to be recreated, but only if they come before any pod from an intolerable node.

What did you expect to happen?
I don't expect the new pods to be scheduled on the nodes which are not tolerated by the new DaemonSet's template spec. The daemonset controller should just delete the old pods from the nodes which can no longer be tolerated. The old pods from the nodes which can still be tolerated should be recreated according to the rolling update parameters.
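For reference, a minimal DaemonSet along these lines matches the setup described above (this is my sketch: the name, labels, and image are placeholders I've assumed, not from the original report):

```yaml
apiVersion: apps/v1
kind: DaemonSet
metadata:
  name: surge-repro            # placeholder name
spec:
  selector:
    matchLabels:
      app: surge-repro
  updateStrategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 10%            # non-zero surge requires...
      maxUnavailable: 0        # ...maxUnavailable=0
  template:
    metadata:
      labels:
        app: surge-repro
    spec:
      tolerations:
      # Initially tolerates the master taint; swapping this for any
      # other toleration is what triggers the stuck rollout.
      - key: node-role.kubernetes.io/master
        operator: Exists
        effect: NoSchedule
      containers:
      - name: pause
        image: registry.k8s.io/pause:3.9   # placeholder image
```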
How can we reproduce it (as minimally and precisely as possible)?
On a Kubernetes cluster with 3 or more master nodes and 3 or more worker nodes (2 and 2 may be enough too, I guess):

1. Create a DaemonSet with `maxSurge=10%`, `maxUnavailable=0`, and a `node-role.kubernetes.io/master` toleration.
2. Replace the `node-role.kubernetes.io/master` toleration with any other (even a non-existing one).
3. Observe the new pods stuck in the `Pending` state.

Anything else we need to know?
No response
Kubernetes version
Cloud provider
OS version
Install tools
Container runtime (CRI) and version (if applicable)
Related plugins (CNI, CSI, ...) and versions (if applicable)