docs: StatefulSet pod is never evicted from shutdown node #54368
/sig area/app-lifecycle area/stateful-apps area/usability
/sig area/node-lifecycle area/nodecontroller
/area app-lifecycle
/sig node
/assign
Thanks @at1984z for finding this bug. I did reproduce this. The pod gets stuck and cannot be evicted.
@dixudx I should clarify that with Deployments, a new pod instance gets created on an available node after the notReady and unreachable tolerations expire, but the old instance is not evicted from the lost node, and it cannot be deleted either.
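(For context, a sketch of what this looks like on a 1.8-era cluster; the pod and node names here are hypothetical, and the exact STATUS shown varies by version:)

```
# After the node stops responding, the StatefulSet pod is left in place:
kubectl get pods -o wide
# NAME    READY   STATUS    RESTARTS   AGE   NODE
# web-0   1/1     Unknown   0          1h    node-1   <- node-1 is NotReady

# A plain delete is recorded but never completes, because the kubelet on the
# unreachable node can never confirm that the container has stopped:
kubectl delete pod web-0
```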
@at1984z Yes. Please refer to #54472 and my comment.
This is by design. When a node goes "down", the master does not know whether it was a safe down (deliberate shutdown) or a network partition. If the master said "ok, the pod is deleted", then the pod could actually still be running somewhere in the cluster, violating the StatefulSet guarantee of at most one pod per identity. In your case, if you intend the node to be deleted, you must delete the node object. That will cause the master to understand that you wish the node to be gone, and to delete its pods.
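For illustration, a minimal sketch of that positive admin action, assuming a deliberately decommissioned node named node-1 (the name is hypothetical):

```
# Deleting the node object tells the master the node is really gone,
# so the StatefulSet controller can safely reschedule the pod:
kubectl delete node node-1

# The stuck pod is then garbage-collected and recreated on a healthy node:
kubectl get pods -o wide
```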
If you think that https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-identity does not clearly explain this behavior, we should fix the documentation to describe the expected outcome. You can also see https://github.com/kubernetes/community/blob/master/contributors/design-proposals/storage/pod-safety.md for a more detailed explanation of why this is by design.
@smarterclayton Why was the issue reopened? Is it to fix the design and implementation, or to fix the documentation?
To fix the documentation (if it wasn't clear that this is desired behavior, I think that's a documentation gap). It's also possible the StatefulSet controller should record a better message on the pod, indicating that without a positive admin action it can't safely reschedule the pod.
@smarterclayton Given the explanations above, I'd appreciate answers to a couple of questions below.
@at1984z This is because a StatefulSet is designed to maintain a sticky identity for each of its Pods. These pods are created in order from the same spec, with stable network identity and stable storage, but they are not interchangeable: each has a persistent identifier that it maintains across any rescheduling. For Deployments and ReplicationControllers, we don't apply such restrictions.
If the node is down or inaccessible, the master cannot receive heartbeats from it. New pods will not be scheduled onto NotReady nodes, and the master cannot successfully evict pods from those nodes either.
Taints and tolerations work together to ensure that pods are not scheduled onto inappropriate nodes.
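As an illustration of that mechanism (node and pod names are hypothetical; the taint key shown is the one used in current releases):

```
# When heartbeats stop, the node lifecycle controller taints the node:
kubectl get node node-1 -o jsonpath='{.spec.taints}'
# e.g. [{"effect":"NoExecute","key":"node.kubernetes.io/unreachable",...}]

# Pods tolerate notReady/unreachable for a bounded time (300s by default),
# after which ordinary pods are evicted; inspect a pod's tolerations with:
kubectl get pod web-0 -o jsonpath='{.spec.tolerations}'
```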
Issues go stale after 90d of inactivity. Prevent issues from auto-closing with an /lifecycle frozen comment. If this issue is safe to close now please do so with /close. Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
Looks like the docs have not been updated yet.
@saschagrunert: Reopened this issue.
@at1984z: This issue is currently awaiting triage. If a SIG or subproject determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance. The triage/accepted label can be added by org members by writing /triage accepted in a comment.
/remove-kind bug
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
- After 90d of inactivity, lifecycle/stale is applied
- After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
- After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:
- Mark this issue or PR as fresh with /remove-lifecycle stale
- Mark this issue or PR as rotten with /lifecycle rotten
- Close this issue or PR with /close
- Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
- After 90d of inactivity, lifecycle/stale is applied
- After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
- After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:
- Mark this issue or PR as fresh with /remove-lifecycle rotten
- Close this issue or PR with /close
- Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle rotten
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs. This bot triages issues according to the following rules:
- After 90d of inactivity, lifecycle/stale is applied
- After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
- After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:
- Reopen this issue with /reopen
- Mark this issue as fresh with /remove-lifecycle rotten
- Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.
/close not-planned
@k8s-triage-robot: Closing this issue, marking it as "Not Planned".
Is this a BUG REPORT or FEATURE REQUEST?:
/kind bug
What happened:
What you expected to happen:
How to reproduce it (as minimally and precisely as possible):
Anything else we need to know?:
Environment:
- Kubernetes version (use `kubectl version`): 1.8.1
- Kernel (e.g. `uname -a`): 4.4.0-96-generic (VM)

Edit: Goal of this issue is to update the documentation and clarify the expected behavior as per: #54368 (comment)