kubectl: wait for all errors and successes on podEviction #64896
Conversation
k8s-ci-robot
added
the
release-note-none
k8s-ci-robot
added
size/S
|
/retest |
|
/assign @apelisse |
pkg/kubectl/cmd/drain.go
Outdated
| @@ -613,16 +620,21 @@ func (o *DrainOptions) evictPods(pods []corev1.Pod, policyGroupVersion string, g | |||
| for { | |||
| select { | |||
| case err := <-errCh: | |||
| return err | |||
There was a problem hiding this comment.
Do we not now lose the underlying reason? Looking below I see we just do "Drain did not complete...".
There was a problem hiding this comment.
Since there can be N different errors, they get glogged and counted. A summary error is returned on line 635. Do you think we should capture all the error messages?
There was a problem hiding this comment.
outputting via glog like this rather than actually returning errors means DrainOptions can't easily be used programmatically or composed into larger commands
There was a problem hiding this comment.
print to o.ErrOut if you're going to print here, and I would probably accumulate and return the actual errors
k8s-ci-robot
added
the
needs-rebase
rphillips
force-pushed
the
fixes/kubectl_eviction
branch
from
49a332b
to
4bfea39
Compare
k8s-ci-robot
removed
the
needs-rebase
|
/cc @kubernetes/sig-cli-maintainers
The particular issue we hit is if the node has a pod in a terminating namespace, the drain will immediately fail with a "can't modify resource in a terminating namespace" error and fail to remove the remaining pods. With this PR, the drain still fails, but not before trying to remove every pod on the node. This is a better situation in that all pods will be in a terminating state after the first drain. |
|
using wider cc that I just found out about |
k8s-ci-robot
added
the
sig/cli
rphillips
force-pushed
the
fixes/kubectl_eviction
branch
from
4bfea39
to
c158391
Compare
k8s-ci-robot
added
size/M
|
@liggitt I refactored this PR to collect all the errors and make it more reusable. |
rphillips
force-pushed
the
fixes/kubectl_eviction
branch
from
c158391
to
4ff8f32
Compare
k8s-ci-robot
added
size/L
rphillips
force-pushed
the
fixes/kubectl_eviction
branch
2 times, most recently
from
823bfb6
to
a0efb63
Compare
pkg/util/multierror/multierror.go
Outdated
| // derived from https://github.com/golang/appengine/blob/master/errors.go | ||
|
|
||
| // MultiError is returned by batch operations. | ||
| type MultiError []error |
There was a problem hiding this comment.
we already have AggregateError, what's the difference? seems no need to define multi error here.
There was a problem hiding this comment.
I didn't know about Aggregate. I updated the PR to use the Aggregate API. Thanks!
rphillips
force-pushed
the
fixes/kubectl_eviction
branch
from
a0efb63
to
4fe8896
Compare
k8s-ci-robot
added
size/M
|
/test pull-kubernetes-integration |
|
/test pull-kubernetes-e2e-gce |
rphillips
force-pushed
the
fixes/kubectl_eviction
branch
from
4fe8896
to
792f4dd
Compare
rphillips
force-pushed
the
fixes/kubectl_eviction
branch
2 times, most recently
from
45495c9
to
9421527
Compare
|
thanks! |
k8s-ci-robot
added
the
lgtm
pkg/kubectl/cmd/drain.go
Outdated
| @@ -571,39 +572,41 @@ func (o *DrainOptions) deleteOrEvictPods(pods []corev1.Pod) error { | |||
| } | |||
| } | |||
|
|
|||
| // evictPods return | |||
pkg/kubectl/cmd/drain.go
Outdated
| } | ||
| case <-globalTimeoutCh: | ||
| return fmt.Errorf("Drain did not complete within %v", globalTimeout) | ||
| return utilerrors.NewAggregate(errors) |
There was a problem hiding this comment.
You're losing the timeout error information here, which means if it times out before the first error is reported, that's going to become a success. Maybe consider just returning timeout error in that case (as it was done before)?
There was a problem hiding this comment.
good catch on both. fixed.
rphillips
force-pushed
the
fixes/kubectl_eviction
branch
from
9421527
to
d8322d0
Compare
k8s-ci-robot
removed
the
lgtm
pkg/kubectl/cmd/drain.go
Outdated
| } | ||
| case <-globalTimeoutCh: | ||
| return fmt.Errorf("Drain did not complete within %v", globalTimeout) | ||
| } | ||
| if doneCount == numPods { |
There was a problem hiding this comment.
This condition could have been part of the "for" statement: for doneCount < numPods { ... }.
|
Thanks for fixing quickly! Feel free to fix the "while" loop (now or later). |
k8s-ci-robot
added
lgtm
rphillips
force-pushed
the
fixes/kubectl_eviction
branch
from
d8322d0
to
5b4770e
Compare
k8s-ci-robot
removed
the
lgtm
|
@apelisse I fixed the for loop, this will need one more approval. Thank you! |
|
It'd be great if I could leave all my comments once and for all :-). How hard would it be to add tests? /lgtm |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: apelisse, rphillips, sjenning The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
Automatic merge from submit-queue (batch tested with PRs 65776, 64896). If you want to cherry-pick this change to another branch, please follow the instructions here. |
…tion Automatic merge from submit-queue (batch tested with PRs 65776, 64896). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. kubectl: wait for all errors and successes on podEviction **What this PR does / why we need it**: This fixes `kubectl drain` to wait until all errors and successes are processed, instead of returning the first error. It also tweaks the behavior of the cleanup to check to see if the pod is already terminating, and if it is to not reissue the pod terminate which leads to an error getting thrown. This fix will allow `kubectl drain` to complete successfully when a node is draining. **Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*: Fixes # **Special notes for your reviewer**: /cc @sjenning **Release note**: ```release-note NONE ``` ```yaml apiVersion: v1 kind: Pod metadata: name: bash spec: containers: - name: bash image: bash resources: limits: cpu: 500m memory: 500Mi command: - bash - -c - "nothing() { sleep 1; } ; trap nothing 15 ; while true; do echo \"hello\"; sleep 10; done" terminationGracePeriodSeconds: 3000 restartPolicy: Never ``` ``` $ kubectl create ns testing $ kubectl create -f sleep.yml $ kubectl delete ns testing $ kubectl drain 127.0.0.1 --force ```
What this PR does / why we need it: This fixes
kubectl drainto wait until all errors and successes are processed, instead of returning the first error. It also tweaks the behavior of the cleanup to check to see if the pod is already terminating, and if it is to not reissue the pod terminate which leads to an error getting thrown. This fix will allowkubectl drainto complete successfully when a node is draining.Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):Fixes #
Special notes for your reviewer:
/cc @sjenning
Release note:
Reproduction steps
sleep.yml