Prevent scheduler crashing in default preemption plugin #101560
Conversation
k8s-ci-robot
added
kind/bug
|
@yuanchen8911: This issue is currently awaiting triage. If a SIG or subproject determines this is a relevant issue, they will accept it by applying the The Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
do-not-merge/needs-sig
k8s-ci-robot
added
sig/scheduling
|
/cc @Huang-Wei @ahg-g |
|
/sig scheduling |
yuanchen8911
changed the title
There was a problem hiding this comment.
As mentioned in #101548 (comment), I'd like to understand the root cause, and then come up with all defensive checking at once in this PR.
| var ( | ||
| victims *extenderv1.Victims | ||
| found bool | ||
| latestStartTime *metav1.Time | ||
| ) | ||
| if victims, found = nodesToVictims[minNodes2[0]]; found { | ||
| latestStartTime = util.GetEarliestPodStartTime(victims) | ||
| } |
There was a problem hiding this comment.
This is neater:
var latestStartTime *metav1.Time
if victims, found := nodesToVictims[minNodes2[0]]; found {
latestStartTime = util.GetEarliestPodStartTime(victims)
}
|
/retest |
|
Note that there are test cases that return candidates with empty victims. It makes the simple change |
|
/retest |
yuanchen8911
changed the title
|
@Huang-Wei updated the description and PR. PTAL! |
| var victims extenderv1.Victims | ||
| // do not create victims without pods | ||
| if len(pods) != 0 { | ||
| victims = extenderv1.Victims{ | ||
| Pods: pods, | ||
| NumPDBViolations: int64(numPDBViolations), | ||
| } |
There was a problem hiding this comment.
We should treat len(pods) == 0 as an internal error, right? Why not just do if status.IsSuccess() && len(pods) != 0 in L338?
There was a problem hiding this comment.
That's my original version but the unit test failed as there are test cases that return empty victims with fit= true. Please see my comment. #101560 (comment) Shall I update the unit test file instead?
There was a problem hiding this comment.
yes, please update those tests.
There was a problem hiding this comment.
should status.IsSuccess() && len(pods) == 0 be considered an error or just ignored?
There was a problem hiding this comment.
let's craft it as an internal error.
| @@ -404,8 +408,14 @@ func CallExtenders(extenders []framework.Extender, pod *v1.Pod, nodeLister frame | |||
|
|
|||
| var newCandidates []Candidate | |||
| for nodeName := range victimsMap { | |||
| // check if victims.Pods is empty | |||
| victims := victimsMap[nodeName] | |||
| if len(victims.Pods) == 0 { | |||
There was a problem hiding this comment.
I'd prefer to run the check around L391: if an extender returns illegal result and extender.IsIgnorable() == false, return it as an error.
There was a problem hiding this comment.
I'd prefer to run the check around L391: if an extender returns illegal result and
extender.IsIgnorable() == false, return it as an error.
Check the validness of nodeNameToVictims returned by PrecessPreemption before L399?
for nodeName := range nodeNameToVictims {
// check if victims.Pods is empty
victims := victimsMap[nodeName]
if len(victims.Pods) == 0 {
delete(victims, nodeName)
}
}
There was a problem hiding this comment.
before L399, like this:
for nodeName, victims := range nodeNameToVictims {
if victims != nil && len(victims.Pods) != 0 {
continue
}
if extender.IsIgnorable() {
delete(nodeNameToVictims, nodeName)
// klog....
continue
} else {
return nil, framework.AsStatus(/* build an internal err */)
}
}
k8s-ci-robot
added
the
size/M
|
Updated the PR as suggested, please review it. @Huang-Wei Thanks! |
| return | ||
| } | ||
| if status.IsSuccess() && len(pods) == 0 { | ||
| status = framework.NewStatus(framework.Unschedulable, fmt.Sprintf("invalid victims on node %q returned by selectVictimsOnNode", nodeInfoCopy.Node().Name)) |
There was a problem hiding this comment.
| status = framework.NewStatus(framework.Unschedulable, fmt.Sprintf("invalid victims on node %q returned by selectVictimsOnNode", nodeInfoCopy.Node().Name)) | |
| status = framework.AsStatus(fmt.Errorf("invalid victims on node %q returned by selectVictimsOnNode", nodeInfoCopy.Node().Name)) |
| @@ -391,6 +394,18 @@ func CallExtenders(extenders []framework.Extender, pod *v1.Pod, nodeLister frame | |||
| } | |||
| return nil, framework.AsStatus(err) | |||
| } | |||
| // Check if the returned victims are valid. | |||
| for nodeName, victims := range nodeNameToVictims { | |||
| if victims != nil && len(victims.Pods) == 0 { | |||
There was a problem hiding this comment.
Perfer if victims == nil || len(victims.Pods) == 0 so that we can catch nil victims.
yuanchen8911
changed the title
| if s == nil || len(s.Name()) == 0 { | ||
| return | ||
| } |
There was a problem hiding this comment.
You can remove the first sub-test "No node needs preemption".
There was a problem hiding this comment.
deleted the test case.
|
@ahg-g could you review it when you get a chance? Thanks. |
yuanchen8911
force-pushed
the
master
branch
2 times, most recently
from
84086b9
to
9c22e00
Compare
| return | ||
| } | ||
| if status.IsSuccess() && len(pods) == 0 { | ||
| status = framework.AsStatus(fmt.Errorf("invalid victims on node %q returned by selectVictimsOnNode", nodeInfoCopy.Node().Name)) |
There was a problem hiding this comment.
Should the error msg be more explicit: should not happen: the pod fits with no victim pods? Same below.
There was a problem hiding this comment.
Does the error status (set in L358) indicate "it should not happen"?
|
/retest |
|
/approve |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: Huang-Wei, yuanchen8911 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
| if victims == nil || len(victims.Pods) == 0 { | ||
| if extender.IsIgnorable() { | ||
| delete(nodeNameToVictims, nodeName) | ||
| klog.Warningf("Ignoring victims without pods on node %q returned by extender", nodeName) |
There was a problem hiding this comment.
warnings aren't recommended anymore, either error or info. In this case info probably fits better.
There was a problem hiding this comment.
warnings aren't recommended anymore, either error or info. In this case info probably fits better.
Changed it to InfoS.
| return | ||
| } | ||
| if status.IsSuccess() && len(pods) == 0 { | ||
| status = framework.AsStatus(fmt.Errorf("invalid victims on node %q returned by selectVictimsOnNode", nodeInfoCopy.Node().Name)) |
There was a problem hiding this comment.
right, be more explicit, like "expected at least one victim on node $q"
There was a problem hiding this comment.
right, be more explicit, like "expected at least one victim on node $q"
Updated the error msg. as suggested.
|
/release-note-none |
k8s-ci-robot
added
release-note-none
|
/lgtm |
k8s-ci-robot
added
the
lgtm
What type of PR is this?
/kind bug
What this PR does / why we need it:
FindCandidatesorCallExtendersindefaultpreemptionplugin can return victim without pods (e.g., because of issues in Filter plugins or extenders). As a result, the scheduler will panic and crash when accessing an non-existing pod. This PR adds additional checks to prevent it from crashing the scheduler.Which issue(s) this PR fixes:
Fixes #101548
Special notes for your reviewer:
Does this PR introduce a user-facing change?
Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.: