Add ClusterOperator Scheduling #650
Conversation
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
| ## Summary | ||
|
|
||
| To ensure system components, especially ClusterOperators, have the correct | ||
| set of tolerations. |
There was a problem hiding this comment.
Possibly PR with adjustments to this existing enhancements content, instead of creating a new, parallel enhancement?
There was a problem hiding this comment.
I should have used grep! I looked in the scheduling folder but didn't find this obviously.
| draining a node can complete. This results in hot-looping between draining | ||
| and the scheduler. | ||
|
|
||
| Any other NoSchedule toleration is fine. |
There was a problem hiding this comment.
In the spirit of Chesterton fence, I’d like to see a review of the components that thought they should set this and why (representative sample).
That ensures we correct misconceptions about when the toleration is appropriate.
If it was accidental, what would have prevented the accident?
There was a problem hiding this comment.
The one I know of for sure is the CVO. I don't have data if anything else is doing it or not. I will take a look.
There was a problem hiding this comment.
Looks like the CVO is the only-non daemonset pod that has this toleration, at least from a typical CI run. The daemonsets get that toleration dynamically, so everything else looks correct.
There was a problem hiding this comment.
There was a discussion sometime ago on whether CVO should tolerate NoSchedule taint and the answer was yes. Has something changed now? I was always in favour of specific tolerations instead of blanket tolerations. How about adding a taint called drain-in-progress to node with NoSchedule effect. That won't be tolerated by CVO which should help in proceeding with draining smoothly.
There was a problem hiding this comment.
Thanks for sharing that discussion. There is more than one 'NoSchedule' taint. Based on the discussion you linked, it seems node.kubernetes.io/unschedulable was included by mistake. This is not discussed directly, the discussion revolved around unreachable nodes and unready nodes. node.kubernetes.io/unschedulable does not affect those scenarios and is only used for administrative cordons (eg, node.spec.unschedulable=True).
There was a problem hiding this comment.
I am not entire sure of that, IIUC I got a firm yes on unschedulable however if you think this was not needed, I can change the tolerations of CVO.
There was a problem hiding this comment.
There are many taints that have the effect 'NoSchedule' but there is one 'node.kubernetes.io/unschedulable' taint with the effect 'NoSchedule'. It appears in the previous discussion only NoSchedule was considered rather than the specific taints (at the least, node.kubernetes.io/unschedulable was not itself considered directly).
There was a problem hiding this comment.
any NoSchedule taint != unschedulable condition. unschedulable condition == node.kubernetes.io/unschedulable taint. unschedulable is a node condition which is being represented via a special well known taint called node.kubernetes.io/unschedulable.
There was a problem hiding this comment.
I'm trying to use the k8s precise language. There are taints, and those taints have effects. The effect we're discussing is NoSchedule. That effect is caused by one or more taints.
I did not see the taint node.kubernetes.io/unschedulable discussed in the link you provided. There were only discussions around the NoSchedule effect.
|
|
||
|
|
||
| ### Test Plan | ||
|
|
There was a problem hiding this comment.
I assumed we would enforce this via a test? Or did I miss that above?
There was a problem hiding this comment.
I think we do
There was a problem hiding this comment.
Looks like that ensure control plane operators do not make themselves unevictable does not cover node.kubernetes.io/unschedulable today? Just unreachable and not-ready.
There was a problem hiding this comment.
Thank you for initiating this discussion @michaelgugino. This looks like a step in right direction.
| draining a node can complete. This results in hot-looping between draining | ||
| and the scheduler. | ||
|
|
||
| Any other NoSchedule toleration is fine. |
There was a problem hiding this comment.
There was a discussion sometime ago on whether CVO should tolerate NoSchedule taint and the answer was yes. Has something changed now? I was always in favour of specific tolerations instead of blanket tolerations. How about adding a taint called drain-in-progress to node with NoSchedule effect. That won't be tolerated by CVO which should help in proceeding with draining smoothly.
|
|
||
|
|
||
| ### Test Plan | ||
|
|
There was a problem hiding this comment.
I think we do
michaelgugino
force-pushed
the
co-sched
branch
from
84f03d6
to
1fc41ea
Compare
| @@ -222,6 +225,10 @@ spec: | |||
| - operator: Exists | |||
| ``` | |||
|
|
|||
| Tolerating all taints should be reserved for DaemonSets and static | |||
There was a problem hiding this comment.
Which static pods are you referring to?
There was a problem hiding this comment.
Is there more than one type?
There was a problem hiding this comment.
I meant which specific static pods in OpenShift. IIUC, static pods should be tolerating all NoExecute taints not NoSchedule as their manifests are directly present on the node, there is no need for them to go through scheduling cycle.
There was a problem hiding this comment.
There isn't an option to tolerate all taints of a certain effect, just "All" generally.
| @@ -189,6 +189,9 @@ following taints if doing so is necessary to form a functional Kubernetes node: | |||
| Operators should not specify tolerations in their manifests for any of the taints in | |||
| the above list without an explicit and credible justification. | |||
|
|
|||
| Operators should never specify the following toleration: | |||
There was a problem hiding this comment.
The other guidelines in this section include justification, so that someone coming to the doc without all of the background can learn why we have each restriction. This addition would benefit from a sentence or two explaining why this value is so special that it should never be used.
|
/lgtm In the future we may come up with exceptions, which are reasonable to propose as new enhancements. We may also wish to take this feedback back to sig-scheduling and gather other perspectives on whether tolerations are missing something in between "list" and "all". |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: smarterclayton The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
No description provided.