Use leader election library from csi-lib-utils #135
Conversation
k8s-ci-robot
added
the
cncf-cla: yes
|
/assign @msau42 @xing-yang |
k8s-ci-robot
added
the
size/XXL
andrewsykim
force-pushed
the
leaderelection
branch
3 times, most recently
from
e737962 to
066e5ac
Compare
cmd/csi-attacher/main.go
Outdated
| @@ -60,6 +61,7 @@ var ( | |||
| timeout = flag.Duration("timeout", 15*time.Second, "Timeout for waiting for attaching or detaching the volume.") | |||
|
|
|||
| enableLeaderElection = flag.Bool("leader-election", false, "Enable leader election.") | |||
| leaderElectionType = flag.String("leader-election-type", "configmap", "the type of leader election, options are 'configmap' (default) or 'lease' (recommended)") | |||
| leaderElectionNamespace = flag.String("leader-election-namespace", "", "Namespace where this attacher runs.") | |||
| leaderElectionIdentity = flag.String("leader-election-identity", "", "Unique identity of this attacher. Typically name of the pod where the attacher runs.") | |||
There was a problem hiding this comment.
I don't think identity is needed anymore since the lib will use the hostname if it's not set. Should we deprecate the flag here now and default to whatever is in csi-lib-utils?
There was a problem hiding this comment.
Yes, please deprecate it (print a warning when it's used)
There was a problem hiding this comment.
@andrewsykim There's https://github.com/kubernetes-csi/csi-lib-utils/blob/master/deprecatedflags/deprecatedflags.go which can be used for deprecated flags.
andrewsykim
force-pushed
the
leaderelection
branch
from
066e5ac to
70e3507
Compare
|
/assign @jsafrane |
cmd/csi-attacher/main.go
Outdated
| @@ -60,6 +61,7 @@ var ( | |||
| timeout = flag.Duration("timeout", 15*time.Second, "Timeout for waiting for attaching or detaching the volume.") | |||
|
|
|||
| enableLeaderElection = flag.Bool("leader-election", false, "Enable leader election.") | |||
| leaderElectionType = flag.String("leader-election-type", "configmap", "the type of leader election, options are 'configmap' (default) or 'lease' (recommended)") | |||
| leaderElectionNamespace = flag.String("leader-election-namespace", "", "Namespace where this attacher runs.") | |||
| leaderElectionIdentity = flag.String("leader-election-identity", "", "Unique identity of this attacher. Typically name of the pod where the attacher runs.") | |||
There was a problem hiding this comment.
Yes, please deprecate it (print a warning when it's used)
|
/hold Waiting for kubernetes-csi/csi-lib-utils#24 |
k8s-ci-robot
added
the
do-not-merge/hold
|
How does that affect RBAC rules? |
|
Good point. RBAC rules need to be updated to add Lease. (we still need to keep the configmap rules for backwards compat), but drivers can decide to further refine them as needed. |
In which case does that help? If the current code no longer needs them, then they can be removed. No-one should be using these updated RBAC rules with an older sidecar release, that's not part of our compatibility guarantees. |
andrewsykim
force-pushed
the
leaderelection
branch
from
70e3507 to
f55b92b
Compare
|
The current code still has to support the old leaderelection method for backwards compatibility. So we still need rules for both ways. |
andrewsykim
force-pushed
the
leaderelection
branch
from
f55b92b to
597f4a9
Compare
| @@ -42,9 +42,7 @@ Note that the external-attacher does not scale with more replicas. Only one exte | |||
|
|
|||
| * `--leader-election`: Enables leader election. This is useful when there are multiple replicas of the same external-attacher running for one CSI driver. Only one of them may be active (=leader). A new leader will be re-elected when current leader dies or becomes unresponsive for ~15 seconds. | |||
|
|
|||
| * `--leader-election-namespace <namespace>`: Namespace where the external-attacher runs and where leader election object will be created. It is recommended that this parameter is populated from Kubernetes DownwardAPI. | |||
|
|
|||
| * `--leader-election-identity <id>`: Unique identity of this replica of external-attacher container. It must be unique among all running replicas of the external-attacher. Pod name populated from Kubernetes DownwardAPI is recommended. | |||
There was a problem hiding this comment.
Move this to the Deprecated arguments section
There was a problem hiding this comment.
Ah sorry one more nit. This should be moved to the "Deprecated arguments" section
| @@ -51,7 +51,7 @@ roleRef: | |||
| apiGroup: rbac.authorization.k8s.io | |||
|
|
|||
| --- | |||
| # Attacher must be able to work with config map in current namespace | |||
There was a problem hiding this comment.
Also add a comment that a driver only needs to include one of these rules depending on which leader election method it chose
README.md
Outdated
| * `--leader-election-namespace <namespace>`: Namespace where the external-attacher runs and where leader election object will be created. It is recommended that this parameter is populated from Kubernetes DownwardAPI. | ||
|
|
||
| * `--leader-election-identity <id>`: Unique identity of this replica of external-attacher container. It must be unique among all running replicas of the external-attacher. Pod name populated from Kubernetes DownwardAPI is recommended. | ||
| * `--leader-election-type`: The resource type to use for leader election, options are 'configmaps' (default) or 'leases' (recommended) |
There was a problem hiding this comment.
Should we deprecate the "configmap" option?
|
Vendor commit msg needs to be updated. Also, could you add an entry to the Changelog file? |
andrewsykim
force-pushed
the
leaderelection
branch
from
597f4a9 to
f36eab7
Compare
CHANGELOG-1.1.md
Outdated
| @@ -16,6 +16,8 @@ | |||
|
|
|||
| ## Other notable changes | |||
|
|
|||
| * Add support for Lease based leader election. Enable this by setting `--leader-election-type=leases` ([#135](https://github.com/kubernetes-csi/external-attacher/pull/135)) | |||
There was a problem hiding this comment.
This can probably go under "Notable features"
CHANGELOG-1.1.md
Outdated
| @@ -16,6 +16,8 @@ | |||
|
|
|||
| ## Other notable changes | |||
|
|
|||
| * Add support for Lease based leader election. Enable this by setting `--leader-election-type=leases` ([#135](https://github.com/kubernetes-csi/external-attacher/pull/135)) | |||
| * --leader-election-identity is now deprecated. Setting this flag will do nothing now. ([#135](https://github.com/kubernetes-csi/external-attacher/pull/135)) | |||
There was a problem hiding this comment.
This should go under "Deprecations"
andrewsykim
force-pushed
the
leaderelection
branch
2 times, most recently
from
df8bbcc to
58cd406
Compare
| @@ -38,17 +38,11 @@ spec: | |||
| - "--v=5" | |||
| - "--csi-address=$(ADDRESS)" | |||
| - "--leader-election" | |||
| - "--leader-election-namespace=$(MY_NAMESPACE)" | |||
There was a problem hiding this comment.
should this example use lease?
There was a problem hiding this comment.
Yeah it should. Originally left that out since I didn't want anyone re-deploying this on an existing deployment but I don't think that'll be a problem
CHANGELOG-1.1.md
Outdated
| @@ -3,6 +3,7 @@ | |||
| # Deprecations | |||
|
|
|||
| * Command line flag `-connection-timeout` is deprecated and has no effect. | |||
| * --leader-election-identity is now deprecated. Setting this flag will have no effect on leader election. ([#135](https://github.com/kubernetes-csi/external-attacher/pull/135)) | |||
There was a problem hiding this comment.
Can you follow the style of the above?
andrewsykim
force-pushed
the
leaderelection
branch
from
58cd406 to
8809605
Compare
| @@ -3,6 +3,7 @@ | |||
| # Deprecations | |||
|
|
|||
| * Command line flag `-connection-timeout` is deprecated and has no effect. | |||
| * Command line flag `--leader-election-identity` is deprecated and has no effect. | |||
There was a problem hiding this comment.
Can we also deprecate the "configmaps" option?
It would be useful to document that in the RBAC file: someone might want to remove the parts that they don't need because they only use one mode. |
andrewsykim
force-pushed
the
leaderelection
branch
from
8809605 to
0228ef9
Compare
| // Name of config map with leader election lock | ||
| lockName := "external-attacher-leader-" + csiAttacher | ||
| if *leaderElectionType == "configmaps" { | ||
| le = leaderelection.NewLeaderElectionWithConfigMaps(clientset, lockName, run) |
There was a problem hiding this comment.
Can you also print out a warning message saying that the configmap option is deprecated.
cmd/csi-attacher/main.go
Outdated
| @@ -60,14 +62,20 @@ var ( | |||
| timeout = flag.Duration("timeout", 15*time.Second, "Timeout for waiting for attaching or detaching the volume.") | |||
|
|
|||
| enableLeaderElection = flag.Bool("leader-election", false, "Enable leader election.") | |||
| leaderElectionNamespace = flag.String("leader-election-namespace", "", "Namespace where this attacher runs.") | |||
| leaderElectionIdentity = flag.String("leader-election-identity", "", "Unique identity of this attacher. Typically name of the pod where the attacher runs.") | |||
| leaderElectionType = flag.String("leader-election-type", "configmap", "the type of leader election, options are 'configmaps' (default) or 'leases' (recommended)") | |||
There was a problem hiding this comment.
Also add a note here that configmaps is deprecated.
Gopkg.toml
Outdated
| name = "github.com/container-storage-interface/spec" | ||
| version = "1.0.0" | ||
| version = "=1.0.0" |
There was a problem hiding this comment.
This should be updated to 1.1.0 to be consistent with csi-lib-utils 0.6.1.
"override" should be changed to "constraint".
There was a problem hiding this comment.
Upgrading to 1.1.0 breaks a bunch of tests which I don't want to be fixing in this PR, hence the override
There was a problem hiding this comment.
go test `go list ./... | grep -v 'vendor' `
# github.com/kubernetes-csi/external-attacher/vendor/github.com/kubernetes-csi/csi-test/driver
vendor/github.com/kubernetes-csi/csi-test/driver/mock.go:41:5: cannot use servers.Controller (type *MockControllerServer) as type csi.ControllerServer in field value:
*MockControllerServer does not implement csi.ControllerServer (missing ControllerExpandVolume method)
vendor/github.com/kubernetes-csi/csi-test/driver/mock.go:42:5: cannot use servers.Node (type *MockNodeServer) as type csi.NodeServer in field value:
*MockNodeServer does not implement csi.NodeServer (missing NodeExpandVolume method)
? github.com/kubernetes-csi/external-attacher/cmd/csi-attacher [no test files]
FAIL github.com/kubernetes-csi/external-attacher/pkg/attacher [build failed]
ok github.com/kubernetes-csi/external-attacher/pkg/controller 1.451s
make: *** [test-go] Error 2
I can fix this in a follow-up PR
There was a problem hiding this comment.
That should go away if you also update csi-test to 2.0.0.
There was a problem hiding this comment.
ah, thanks, updated now
andrewsykim
force-pushed
the
leaderelection
branch
2 times, most recently
from
42e663b to
1bd3b71
Compare
Gopkg.toml
Outdated
| @@ -1,16 +1,16 @@ | |||
| # List of dependecies for CSI attacher | |||
|
|
|||
| [[constraint]] | |||
| [[override]] | |||
There was a problem hiding this comment.
This can be constraint now?
CHANGELOG-1.1.md
Outdated
| @@ -3,6 +3,8 @@ | |||
| ## Deprecations | |||
|
|
|||
| * Command line flag `-connection-timeout` is deprecated and has no effect. | |||
| * Command line flag `--leader-election-identity` is deprecated and has no effect. | |||
| * Command line argument `configmaps` for flag `--leader-election-type` is deprecated in favor of `--leader-election-type=leases`. The default is still `configmaps` for backwards compatibility reasons but will be switched to `leases` in a future release. | |||
There was a problem hiding this comment.
I thought of another way to document this. What do you think of this?
There was a problem hiding this comment.
Looks much better, I'll update :)
andrewsykim
force-pushed
the
leaderelection
branch
from
1bd3b71 to
fb07c0d
Compare
…ease based leader election
andrewsykim
force-pushed
the
leaderelection
branch
from
fb07c0d to
9bd541a
Compare
README.md
Outdated
| @@ -57,10 +57,6 @@ Note that the external-attacher does not scale with more replicas. Only one exte | |||
|
|
|||
| * `--leader-election`: Enables leader election. This is useful when there are multiple replicas of the same external-attacher running for one CSI driver. Only one of them may be active (=leader). A new leader will be re-elected when current leader dies or becomes unresponsive for ~15 seconds. | |||
|
|
|||
| * `--leader-election-namespace <namespace>`: Namespace where the external-attacher runs and where leader election object will be created. It is recommended that this parameter is populated from Kubernetes DownwardAPI. | |||
There was a problem hiding this comment.
We still need to keep the namespace argument right? Do we have to deprecate this as well?
There was a problem hiding this comment.
oops, yeah we need to keep this here. I'm not sure about deprecation though since you can run external-attacher outside the cluster.
andrewsykim
force-pushed
the
leaderelection
branch
from
9bd541a to
45ca4f6
Compare
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
Signed-off-by: Andrew Sy Kim <kiman@vmware.com>
andrewsykim
force-pushed
the
leaderelection
branch
from
45ca4f6 to
eddfb81
Compare
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: andrewsykim, msau42 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
/hold cancel |
k8s-ci-robot
removed
the
do-not-merge/hold
Also adds support for lease based leader election which will be the preferred resource for leader election. We still need to support ConfigMap based leader election for backwards compatibility.