/cc

/cc @jayunit100 @ConnorDoyle

@rrati is starting on list above for 1.5

@rrati things to keep in mind re(alpha-beta) : #30819 (comment)

@davidopp @wojtek-t Do you know the state of the items listed above? Some of the issues appear to have been either resolved or have had work done on them.

"Before allowing users to use it, be sure we won't need to roll back to binary version that doesn't support it* - Does this have a defined work item? Is it just a confidence level?

Better solution for "first pod problem" - Has anyone started discussing an alternate plan?

@rrati :

• Change annotation key from scheduler.alpha.kubernetes.io/affinity to scheduler.beta.kubernetes.io/affinity: There's ongoing discussion about whether to use fields or annotations in beta, in general (if you want me to look up the issue number and kubernetes-dev thread I can, but you probably know what I'm talking about)
• Better solution for "first pod problem": I don't think we really need to do this for Beta, because it is not an API change. If you're wondering what it's referring to, see the section that starts "This last example illustrates" in the design doc. Today we have implemented the "short term" approach listed there.
• Last bullet point here: This is a test improvement. Also not strictly needed for Beta. (Though I suspect we will never do it if we don't do it now.)
• Before allowing users to use it, be sure we won't need to roll back to binary version that doesn't support it: The ongoing discussion related to the first bullet point has also touched on this. Basically it means make sure we do the right thing if someone sets alpha pod affinity in 1.4 and they upgrade to 1.5, sets beta pod affinity in 1.5 and downgrade to 1.4, sets pod affinity in 1.4 and upgrade to 1.5 and then downgrade to 1.4, etc. We have some flexibility in defining "right thing" in the alpha case since we make no guarantees about alpha features, though in the aforementioned discussion Tim was saying we should support the alpha version in a couple of version before we get rid of it, which would mean we need to support both alpha and beta in 1.5.
• Re-enable/fix all tests (see e.g. Disable PodAffinity SchedulerPredicates test #26697, PodAffinity SchedulerPredicates are not well isolated #26698): Looks like there's nothing to do here, as I don't see any e2e's still marked Feature:PodAffinity (but can't hurt for you to double-check).

Made a separate issue for the test improvement: #34253

Version moved per sig+community discussion re: alpha-beta transitioning.

I would propose converting from annotations to api fields before moving from alpha->beta in a process described in #35518. Namely, convert from annotations to api fields, strip the annotations implementation out completely, port tests, etc. Once functionality is confirmed to be at the same level as annotations then promote from alpha->beta.

We should add node and pod affinity to GeneralPredicates when we move them to Beta (this will make Kubelet check them in admission check).

Also, @wojtek-t has suggested we should consider restricting hard anti-affinity to node-level only. The reasons are

• scalability/performance
• for Kubelet admission to check any topology other than node, it would need full cluster state
• it's not clear there are any use cases for hard anti-affinity at topology other than node-level (soft anti-affinity is different; e.g. you might want to spread across zones)

we should consider restricting hard anti-affinity to node-level only.

We should do it as long as we can (which means we need to make this before doing beta).

/cc

BTW one implication of using LabelSelector on namespace labels is that it will be possible to specify "all namespaces" (which we were special-casing when we were doing it as a list of namespaces), because empty label selector matches all objects.

In light of this, I don't think it's worth adding "all namespaces" capability to the list-of-namespaces (#43525) as we are going to deprecate list-of-namespaces.

@davidopp Do we have the final decision here? I saw some different voice in the sig-network thread about the multiple tenant problem.

I attended the sig-network meeting on April 6 and they decided to go ahead with the label-selector-on-namespace approach.

Before moving PodAntiAffinity to GA (aka v1) we NEED to fix it's performance. It's a non-trivial amount of work, which will probably result in rewriting most of the logic, thus when we do this it probably should bake for one release as a beta feature. @kubernetes/sig-scalability-misc @kubernetes/sig-scheduling-misc

There are no plans to move to GA this cycle that I'm aware of.

@gmarek does there are any issues related to the performance issues of PodAntiAffinity? I would like to do some investigation if needed.

Yup, I know. I just wanted to leave the note for whoever will be doing it at any point, and for us that we don't forget.

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

Prevent issues from auto-closing with an /lifecycle frozen comment.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or @fejta.
/lifecycle stale

/remove-lifecycle stale

Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.

If this issue is safe to close now please do so with /close.

Send feedback to sig-testing, kubernetes/test-infra and/or fejta.
/lifecycle stale

/remove-lifecycle stale

/lifecycle frozen

what time the affinity and anti-affinity release stable version?

They are currently in Beta. We haven't planned on promoting them to GA because they had many performance/scalability issues. We have addressed some of those issues, but there are still some left to be addressed. No concrete plan yet, but I feel we are getting closer. Maybe we go to GA in 1.14 or 1.15.

BTW one implication of using LabelSelector on namespace labels is that it will be possible to specify "all namespaces" (which we were special-casing when we were doing it as a list of namespaces), because empty label selector matches all objects.

In light of this, I don't think it's worth adding "all namespaces" capability to the list-of-namespaces (#43525) as we are going to deprecate list-of-namespaces.

Selecting labels over all namespaces would be a really great feature !
As an example, we wanted to avoid some kind of statefulsets running side to side on the same node, but since they are running in their own namespace we're not able to use the podAntiAffinity mecanisms ... So we had to trick this and use state / capacity mecanism which is much less flexible than selectors.

So please keep on mind that it might be a good way to reintroduce cross-namespaced selectors feature in affinity rules :-) , definitely not useful for everyone but a really great tool in some cases !

@BarthV we heard you all and we will try to add the feature, but we need to be careful here as this feature can increase possibility of DoS attacks. Please see my comment for more info: #68827 (comment).

#97410 need we cleanup those alpha annotations?