New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[1.25] kubelet: devices: skip allocation for running pods #118635 #119707
[1.25] kubelet: devices: skip allocation for running pods #118635 #119707
Conversation
029f358
to
d8b9165
Compare
/triage accepted |
/assign |
The recently added e2e device plugins test to cover node reboot works fine if runs every time on CI environment (e.g CI) but doesn't handle correctly partial setup when run repeatedly on the same instance (developer setup). To accomodate both flows, we extend the error management, checking more error conditions in the flow. Signed-off-by: Francesco Romani <fromani@redhat.com>
Make sure orphanded pods (pods deleted while kubelet is down) are handled correctly. Outline: 1. create a pod (not static pod) 2. stop kubelet 3. while kubelet is down, force delete the pod on API server 4. restart kubelet the pod becomes an orphaned pod and is expected to be killed by HandlePodCleanups. There is a similar test already, but here we want to check device assignment. Signed-off-by: Francesco Romani <fromani@redhat.com>
One of the contributing factors of issues kubernetes#118559 and kubernetes#109595 hard to debug and fix is that the devicemanager has very few logs in important flow, so it's unnecessarily hard to reconstruct the state from logs. We add minimal logs to be able to improve troubleshooting. We add minimal logs to be backport-friendly, deferring a more comprehensive review of logging to later PRs. Signed-off-by: Francesco Romani <fromani@redhat.com>
d8b9165
to
52c5fa5
Compare
rebased to fix a conflict |
/test pull-kubernetes-e2e-capz-windows-containerd-1-25 |
1 similar comment
/test pull-kubernetes-e2e-capz-windows-containerd-1-25 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
Re-applying as the label was removed due to rebase.
LGTM label has been added. Git tree hash: 24633598f8a497165c30f06ce4f3eeb05002cb03
|
/cc @kubernetes/release-managers Release managers, can you please take a look at this cherrypick? Thank you! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
For RelEng:
/lgtm
/approve
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: ffromani, mrunalp, xmudrii The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
@ffromani: The following test failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here. |
/test pull-kubernetes-unit unrelated failure in |
What type of PR is this?
/kind bug
/kind regression
What this PR does / why we need it:
Cherry-pick of #118635 to branch
release-1.25
through #119706. Cherry pick per se done usinghack/cherry_pick_pull.sh
Original description
When kubelet initializes, runs admission for pods and possibly allocate requested resources. We need to distinguish between node reboot (no containers running) versus kubelet restart (containers potentially running).
Running pods should always survive kubelet restart. This means that device allocation on admission should not be attempted, because if a container requires devices and is still running when kubelet is restarting, that container already has devices allocated and working.
Thus, we need to properly detect this scenario in the allocation step and handle it explicitely. We need to inform the devicemanager about which pods are already running.
Which issue(s) this PR fixes:
Fixes #118559
Special notes for your reviewer:
Implements the first approach proposed in the thread, so we make the devicemanager treat running pod differently.
This approach was chosen because it seems simpler to make self-contained and easier to backport.
The devicemanager already tracks (with the help of the checkpoint files) which containers got devices assigned to them, which by definition means these containers passed its admission. The missing bit is safely learning which container are already running when initializing, and for that we extend the existing
buildContainerMapFromRuntime
Does this PR introduce a user-facing change?