ETCD-349: add etcdmemberlister controller

[Elbehery]

resolves https://issues.redhat.com/browse/ETCD-349

cc @tjungblu @hasbro17 minimal controller to discuss on this PR the right directions

[Elbehery]

@hasbro17 I think this name reflects more what the function does, isn't it ?

cc @tjungblu

[tjungblu]

I think this will need some kind of locking, given this will be consumed by other controllers?

[tjungblu]

we should only degrade if this fails for several consecutive times, a transient failure every 30s shouldn't be a big issue to degrade the whole operator on

[Elbehery]

done 👍🏽

[Elbehery]

@tjungblu thanks a lot for your review ..

I just want to clarify what this controller is going to do

• cache All etcd members
• cache healthy etcd members
• cache unhealthy etcd members

I have chosen to use t map[string]*Member. If this choice is not adequate please let me know your thoughts

Also please correct me if I am wrong :)

[tjungblu]

this 👍 cache All etcd members

[Elbehery]

@tjungblu would this make sense ? .. I am gonna embed this within the controller

[tjungblu]

I think the struct makes sense, I'm not sure why you wanted to have it as a dedicated controller (or maybe I did).

it's more sensible to me to put this into etcdClientGetter struct in the etcdcli, then MemberList can always return a cached response or fetch when outdated.

[tjungblu]

alternatively, for choice of different consumers, we could also have another layer on top of etcdcli that would implement a cache for the MemberLister / HealthyMemberLister/UnhealthyMemberLister interface in the same package

[tjungblu]

something along those lines:

package etcdcli

import (
	"context"
	"go.etcd.io/etcd/api/v3/etcdserverpb"
)

type CachedMembers struct {
	// some caching logic
}

func (c CachedMembers) MemberList(ctx context.Context) ([]*etcdserverpb.Member, error) {
	//TODO implement me
	panic("implement me")
}

func (c CachedMembers) VotingMemberList(ctx context.Context) ([]*etcdserverpb.Member, error) {
	//TODO implement me
	panic("implement me")
}

func (c CachedMembers) HealthyMembers(ctx context.Context) ([]*etcdserverpb.Member, error) {
	//TODO implement me
	panic("implement me")
}

func (c CachedMembers) HealthyVotingMembers(ctx context.Context) ([]*etcdserverpb.Member, error) {
	//TODO implement me
	panic("implement me")
}

func (c CachedMembers) UnhealthyMembers(ctx context.Context) ([]*etcdserverpb.Member, error) {
	//TODO implement me
	panic("implement me")
}

func (c CachedMembers) UnhealthyVotingMembers(ctx context.Context) ([]*etcdserverpb.Member, error) {
	//TODO implement me
	panic("implement me")
}

[Elbehery]

/label tide/merge-method-squash

[Elbehery]

/retest-required

[hasbro17]

Do we really need add/update/delete/get methods on the member cache if we're just outright replacing the cache when the membership changes?
If not, then we can remove these.

[Elbehery]

yes u r right, initially i was using them to update the cache with new entries and remove stale entries .. but we dont need them now, removing ...

[hasbro17]

Why are we continuing to check the cache here if we have errors from building the current members map?
Shouldn't we return the errors?

[Elbehery]

well I did not know what to do tbh :)

So I can proceed with building the map while accumulating errors as I do now, or fail-fast once i encounter an error

wdyt ?

cc @tjungblu

[tjungblu]

fail-fast, but only degrade the operator after several consecutive failures.

[Elbehery]

done

[tjungblu]

can you add the previous members and the current members? I've done something similar in the client and it's super useful when going through must gathers

[tjungblu]

I think the errors can also be deleted now that you've removed the diff/add/remove logic

[Elbehery]

done

[tjungblu]

this doesn't count ConsecutiveFailures, but accumulates all failures ever happened until you reset after five times. You need to reset the counter when it was successful too.

[Elbehery]

+1, thanks a lot 👍🏽

[Elbehery]

done

[Elbehery]

/retest-required

[Elbehery]

this controller has two usage of memberlist()

• one uses to validate if a member is already part of the cluster
• one iterates over the members and attempt to promote learners

Therefore i added both these fields and i update them on notifications from etcdmemberlistercontroller

please let me know wdyt cc @tjungblu @hasbro17

[Elbehery]

this line does not compile, i do not know how to fix it :/

So the NewClusterMemberController returns a factory.Controller type . I need to have a ref for the etcdmemberlistercontroller to update the local cache in each controller upon notifications

please let me know wdyt

[tjungblu]

I suggest you to create an interface that is returned by NewEtcdMemberListerController instead. You're also missing to actually run that controller.

Again, just mimick what envVarController already does here.

[Elbehery]

fixed 👍🏽

[Elbehery]

this call will be removed with my changes .. so instead of issuing a request to etcd-server, the controller retrieve them locally .. etcdmemberlistercontroller makes sure other controllers do not have stale cached data

[tjungblu]

that looks like a weird thing to import, why is that needed?

[Elbehery]

i found Notifier and Listener already defined there so I used them

I can also create my own interface

[tjungblu]

what's the envvar controller using?

[Elbehery]

it's own interfaces .. I created mine, I can use others .. maybe move them into commons ?

[tjungblu]

why return?

[Elbehery]

+1

[tjungblu]

it's not wrong what you wrote here, but for better readability I would put the locking to the start of the method:

	c.membersCache.mux.RLock()
	defer c.membersCache.mux.RUnlock()

	members := make([]etcdserverpb.Member, 0, len(c.membersCache.cache))
        ...

So when people add more lines later, they have an easier time to reason about the scope of the lock.

[Elbehery]

+1

[tjungblu]

I think this can create a race condition. Imagine this controller is running every 10s on a different goroutine than the member lister controller.

The updates done in this Enqueue method might not be fully visible during the controller sync. I like this idea with the set, but you maybe just want to implement it in the boring way by listing all members when the controller sync runs and just reuse that return throughout the whole lifecycle of the sync.

OR alternatively add some locking around it, not sure it's really worth it because the controller runs never the less. If you were to tie the controller sync period to only run when the member listing changes, that would be useful but likely not necessary.

[Elbehery]

I am a bit confused now :D

So Enqueue is invoked by the etcdmemberlistercontroller when the member list changes only. it updates it own cache and then sync Listener's caches by invoking Enqueue() .. Moreover, Enqueue calls
(c *EtcdMemberListerController) GetMembers() which uses the lock before reading the cache and returning a copy to the Listener

Listener's Sync will use the local updated cache to reconcile

Where is the race condition ?

[tjungblu]

simply put, you're adjusting the internal structure of clustermembercontroller here that runs on a different controller goroutine.

Enqueue is called from the etcdmemberlistercontroller controller goroutine, so you need to lock here in this controller as well if you want to update the struct that it's reading. Otherwise you'd have stale reads from cpu cache, that's the race condition.

I'm sure if you were to run both controllers in goroutines in a test with -race it would flag that.

[Elbehery]

i see it now, but what is the right way then, without using extra locking ? .. i think we should reduce this, or ?

[tjungblu]

in clustermembercontroller.sync I would just call getMembers() as it was with the client. This is properly locked and you always get consistent data back for the lifetime of the sync call. We can add the notification fanciness later to only run the controller when the member list changes.

[Elbehery]

yes I agree, I am also using []Member instead of map[string]Member since the controller need not lookup by memberIP ..

I am adding also GetHealthyMember and GetUnhealthyMembers so that other controllers need not to use the etcdclient directly for any member listing

WIP .. :D

[Elbehery]

/retest-required

[Elbehery]

/retest-required

[Elbehery]

i gave up :D

[Elbehery]

/retest-required

[openshift-bot]

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

[openshift-bot]

Stale issues rot after 30d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle rotten
/remove-lifecycle stale

[openshift-bot]

Rotten issues close after 30d of inactivity.

Reopen the issue by commenting /reopen.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Exclude this issue from closing again by commenting /lifecycle frozen.

/close

[openshift-ci]

@openshift-bot: Closed this PR.

In response to this:

Rotten issues close after 30d of inactivity.

Reopen the issue by commenting /reopen.
Mark the issue as fresh by commenting /remove-lifecycle rotten.
Exclude this issue from closing again by commenting /lifecycle frozen.

/close

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[Elbehery]

/reopen

[Elbehery]

/remove-lifecycle rotten

[Elbehery]

/reopen

[openshift-ci-robot]

@Elbehery: This pull request references ETCD-349 which is a valid jira issue.

Warning: The referenced jira issue has an invalid target version for the target branch this PR targets: expected the story to target the "4.16.0" version, but no target version was set.

In response to this:

resolves https://issues.redhat.com/browse/ETCD-349

cc @tjungblu @hasbro17 minimal controller to discuss on this PR the right directions

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

[openshift-ci]

@Elbehery: Reopened this PR.

In response to this:

/reopen

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-ci]

@Elbehery: Reopened this PR.

In response to this:

/reopen

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Elbehery

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [Elbehery]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment