-
Notifications
You must be signed in to change notification settings - Fork 263
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add option flags to define nodeSelector, nodeAffinity and toleration on Knative Service #1924
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Shashankft9: 0 warnings.
In response to this:
Description
Adds ability to assign knative services to nodes
Changes
- adds
nodeSelector
,nodeAffinity
andtoleration
to podspec- adds update functions in
podspec_helper.go
for each of those fields- only supports ORed terms for required clause of node affinity
- supports previously added nodeselectors, but no removals in node affinity and toleration since there is no clear identifier.
Reference
Fixes #1841
Release Note
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
@dsimansk hey, going to add some more tests, and maybe refactor few things, early feedback would be appreciated! |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #1924 +/- ##
==========================================
+ Coverage 74.58% 76.82% +2.23%
==========================================
Files 207 207
Lines 15567 12892 -2675
==========================================
- Hits 11611 9904 -1707
+ Misses 3167 2187 -980
- Partials 789 801 +12 ☔ View full report in Codecov by Sentry. |
docs/cmd/kn_service_apply.md
Outdated
--user int The user ID to run the container (e.g., 1001). | ||
--volume stringArray Add a volume from a ConfigMap (prefix cm: or config-map:) a Secret (prefix secret: or sc:), an EmptyDir (prefix ed: or emptyDir:) or a PersistentVolumeClaim (prefix pvc: or persistentVolumeClaim). Example: --volume myvolume=cm:myconfigmap, --volume myvolume=secret:mysecret or --volume emptyDir:myvol:size=1Gi,type=Memory. You can use this flag multiple times. To unset a ConfigMap/Secret reference, append "-" to the name, e.g. --volume myvolume-. | ||
--volume stringArray Add a volume from a ConfigMap (prefix cm: or config-map:) a Secret (prefix secret: or sc:), an EmptyDir (prefix ed: or emptyDir:) or a PersistentVolumeClaim (prefix pvc: or persistentVolumeClaim). PersistentVolumeClaim and EmptyDir only works if the feature gate is enabled in knative serving. Example: --volume myvolume=cm:myconfigmap, --volume myvolume=secret:mysecret or --volume emptyDir:myvol:size=1Gi,type=Memory. You can use this flag multiple times. To unset a ConfigMap/Secret reference, append "-" to the name, e.g. --volume myvolume-. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's not correct entirely. EmptyDir
is enabled. Per: https://github.com/knative/serving/blob/ba3f983855bc33555b8416bd745c773fbdd4079c/config/core/configmaps/features.yaml#L183
I see, the PVC support is still not enabled by default. But I'd still opt changing the docs in this PR and rather create a new targeted one for it.
pkg/kn/commands/service/create.go
Outdated
# Create a service with node selector (if feature flag is enabled here: https://knative.dev/docs/serving/configuration/feature-flags) | ||
kn service create nodeselectortest --image knativesamples/helloworld --node-selector Disktype="ssd" | ||
|
||
# Create a service with toleration (if feature flag is enabled here: https://knative.dev/docs/serving/configuration/feature-flags) | ||
kn service create tolerationtest --image knativesamples/helloworld --toleration Key="node-role.kubernetes.io/master",Effect="NoSchedule",Operator="Equal",Value="" | ||
|
||
# Create a service with node affinity (if feature flag is enabled here: https://knative.dev/docs/serving/configuration/feature-flags) | ||
kn service create nodeaffinitytest --image knativesamples/helloworld --node-affinity Type="Required",Key="topology.kubernetes.io/zone",Operator="In",Values="antarctica-east1 antarctica-east2"` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Preferably those docs link should point to exact feature anchor, e.g. https://knative.dev/docs/serving/configuration/feature-flags/#kubernetes-toleration
.
@Shashankft9 thanks for looking into this feature. I'm still not 100% convinced we should have it though. Given that every option is hidden behind its own specific flag. There's no good way to determine if the flags are actually usable on the Serving instances, until executed against webhook that might reject it. I wonder how the error message looks like from Serving's webhook. If it propagates a good hint for users why Ksvc creation failed. More over looking at the "verbosity" of required input. I doubt the overall usefulness. Subjectively I'd opt for KSVC stored in yaml format for such advanced configuration. I mean this kind of verbosity:
/cc @rhuss any thoughts? |
pkg/kn/flags/podspec.go
Outdated
flagNames = append(flagNames, "toleration") | ||
|
||
flagset.StringSliceVar(&p.NodeAffinity, "node-affinity", []string{}, | ||
"Add node affinity to be set - only works if the feature gate is enabled in knative serving. When key, operator, values and weight are defined for a type, they will be appended in nodeSelectorTerms in case of Required clause, "+ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Maybe something like to use this flag a feature flag must be enabled in Knative Serving configuration
.
Pls spelled with starting capital letter Knative Serving
in all occurrences.
@dsimansk thanks for the feedback, I'll work on the pointers. But regarding the usefulness, we currently have one use case that needs something like this in kn cli, I will try to justify below: So in some of edge cloud deployments and dev kubernetes clusters, we are using knative functions with tekton (on-cluster builds), but in addition to its current cli form, we have also used the function client and built a controller on top of it, that provides a CRD like UX for function creation. Currently on-cluster build has three tekton tasks - git clone, build and deploy, but this poses a problem when someone has to add things like scaling configurations, tls and other serving specific configurations. To do this with func cli, its quite easy, but when doing it through on-cluster builds, it implies that the user has to do the changes in func.yaml and then commit it in git and then run on-cluster builds, which goes quite against the UX that we are wanting to provide through CRD. But then, we came across one scenario in our edge cloud deployments where we had certain nodes in a kubernetes cluster dedicated to specific workloads and had a different mtu packet size set on them which had an affect on the usual service/pod networking for those nodes, essentially meaning that our functions must not schedule on those nodes, so we have to make functions stick to some nodes, hence the need for these mechanisms through kn. Does that make sense merely from the use-case perspective? I am not sure how others are using kn cli, but this is how we are currently using it. Maybe this is something that can be useful for the func's CRD and Operator story?
For this, I can check and post here, but I think last when I tried, Serving's webhook gave a clear hint around it |
here's what it looks like when i disable node affinity, node selector and toleration from feature flags:
|
Thanks, for the extensive reply to support the usefulness concern. I'm getting a better picture now. One idea how to address my concern might be introducing "experimental" or "advanced" section in the help message. I.e. to de-clutter current list of |
793718e
to
6677a4e
Compare
Signed-off-by: Shashankft9 <shanky.337marchss@gmail.com>
Signed-off-by: Shashankft9 <shanky.337marchss@gmail.com>
Signed-off-by: Shashankft9 <shanky.337marchss@gmail.com>
hello @dsimansk , this is ready for another review - I have reverted the changes done for creating subsections in flags, and added tests. context: subsection in flag work was reverted because of the pending feature in cobra, more here - https://cloud-native.slack.com/archives/C04LY4SKBQR/p1713175380354749 |
@Shashankft9 could you pls try to rerun |
pkg/kn/flags/podspec.go
Outdated
@@ -159,7 +162,7 @@ func (p *PodSpecFlags) AddFlags(flagset *pflag.FlagSet) []string { | |||
flagset.StringArrayVarP(&p.Volume, "volume", "", []string{}, | |||
"Add a volume from a ConfigMap (prefix cm: or config-map:) a Secret (prefix secret: or sc:), "+ | |||
"an EmptyDir (prefix ed: or emptyDir:) or a PersistentVolumeClaim (prefix pvc: or persistentVolumeClaim). "+ | |||
"Example: --volume myvolume=cm:myconfigmap, --volume myvolume=secret:mysecret or --volume emptyDir:myvol:size=1Gi,type=Memory. "+ | |||
"PersistentVolumeClaim only works if the feature gate is enabled here: https://knative.dev/docs/serving/configuration/feature-flags/#kubernetes-persistentvolumeclaim-pvc. Example: --volume myvolume=cm:myconfigmap, --volume myvolume=secret:mysecret or --volume emptyDir:myvol:size=1Gi,type=Memory. "+ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd rather refer to "Knative Serving feature flags configuration" without exact URL, as it might not age very well over time.
//TODO: only supporting ORed terms, also support ANDed expressions in a single term | ||
//TODO: only supporting matchExpressions, also support matchFields |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Shashankft9 would you like to capture those in a follow-up and address later?
if value == "Required" { | ||
nodeAffinityType = "Required" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's a small nit. I would probably make it less restrictive and with strings.ToLower(value) == "required"
. We have that at other places that parse such inputs. But it doesn't need to addressed immediately.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@Shashankft9 sorry for the delayed replies. I'm going to proceed with the PR and merge it. But please see my last comments. IMO those can be addressed in future iterations.
Thanks!
/approve
/lgtm
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dsimansk, Shashankft9 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
@dsimansk ack, I can work on those improvements in followup PR - thanks! |
Description
Adds ability to assign knative services to nodes
Changes
nodeSelector
,nodeAffinity
andtoleration
to podspecpodspec_helper.go
for each of those fieldsReference
Fixes #1841
Release Note