Topology beta

[msau42]

Move from alpha CRDs to beta in-tree CSINode object.

I am temporarily copying the new API files into vendor

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: msau42

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [msau42]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[msau42]

/assign @jsafrane @xing-yang

[msau42]

Right now the sidecar errors if the CSINode object doesn't exist + the topology feature is enabled.

This may break backwards compatibility if you use a newer sidecar version on 1.13 where csi topology is disabled.

We could either:

• Say that this sidecar version is not supported on versions < 1.14
• Fallback to topology disabled behavior if CSINode doesn't exist

I'm leaning towards the latter, but that also means if we're on 1.14 and there's actually a problem with CSINode/driver registration, then we will continue to successfully provision a volume in a potentially bad zone.

wdyt? @jsafrane @verult @davidz627

[msau42]

actually now that I think about it more, is that what we want? If the api server is temporarily having problems, then we end up provisioning in the wrong zone.

[msau42]

another option is that we leave topology off by default (and we offer no compatibility guarantees from alpha->beta, including k/k alpha->beta).

[davidz627]

The new sidecar would work on version <1.14 with Topology enabled though right? So this is not a compatibility breaking thing. More of a "did you enable the feature on one component but not enable it on another" type problem. Maybe this is ok if we give a good error message making it very clear what is wrong in this case and how to solve it

[msau42]

If the user on 1.13 has delayed binding enabled on the storageclass in a single zone cluster, then with the old provisioner, provisioning still succeeds. If they upgrade the sidecar, then provisioning will fail with an error.

Now it's questionable what benefit they would get by enabling delayed binding in a single zone cluster, but there's currently no harm in doing so.

[msau42]

I'm going to make all the APIs call return an error if they fail (no fallback), but set topology feature gate to false. Drivers will need to explicitly enable the topology feature gate after upgrading to 1.14.

[msau42]

For drivers with topology disabled, upgrading the sidecar on 1.13 should not break.

For drivers with topology enabled, upgrading the sidecar on 1.13 will break. I think this is ok given it was an alpha feature.

[msau42]

Discussed with @jsafrane some more. To simplify our documentation and testing matrix, we should just require 1.14 for this new version of the sidecar. So then I can have topology enabled by default

[pohly]

Makes sense. We then need to maintain the older release branch for those people who use CSI with 1.13.

The Prow-based CI is ready for testing against two different Kubernetes releases. My proposal in https://github.com/kubernetes-csi/csi-driver-host-path/pull/16/commits is to maintain one or more deployments in the master branch, so users (and the CI) will always find what they look for there.

[davidz627]

mostly lgtm

[verult]

first (partial) pass

[msau42]

I made substantial changes in order to fail appropriately while still preserving backwards compatibility with topology disabled behavior. A summary of the changes:

• Immediate binding:
  • If a beta CSINode object that registers topology keys is found, at least one node has been upgraded, fail appropriately if needed
  • Otherwise, fallback to "topology disabled" behavior
• Delayed binding:
  • If selected node doesn't have beta CSINode object and the node is < 1.14, fallback to "topology disabled" behavior
  • Otherwise require that topology keys/labels are set.

Most of the test cases are under TestTopologyAggregation.

[davidz627]

LGTM. kind of skimmed the test cases though so if someone else can look at those more carefully. The comments are amazing!! They really help with understanding

[msau42]

If we need to support running newer external provisioner on 1.13, then I think we need to disable topology by default. Otherwise, provisioning on 1.13 will start to hit this error (if the driver also supports csi topology capability).

[msau42]

I've addressed comments and also wrapped the logic to lookup the CSINode object to reduce duplication of error handling. I've also turned topology off by default again.

[verult]

"in order to compute a priority ordering of topologies for preferredTopologies"

Strictly speaking, it's only limited to a "secondary" in the case of regional PDs

[msau42]

There's some desire to be able to limit the number of topologies returned, especially for most plugins that only have a single primary topology: #221

So I wanted to add in some more explicit comments here explaining the reason why we need to return all possible topologies even though a plugin may only need one.

[verult]

nit: At the beginning of this function, could you describe the high-level compatibility considerations we discussed offline? I found it hard to see the high-level picture reading through the different levels of conditional branches.

Would it also be helpful to label which pieces of logic can be removed after 1.13 is no longer a supported version?

[msau42]

I added a giant comment at the top. Let me know if this format works or you prefer something else

[verult]

It's super clear. Thanks!

[verult]

Should we have a test case where there's only a single CSINode with keys, in which there should be no errors?

[msau42]

Do the existing "same keys and values across cluster" and "different values across cluster" cases address this?

[verult]

Not quite. I'm thinking about the case where k8s nodes are partially upgraded to 1.14, so some nodes have keys but others don't

[verult]

Something like:

nodeLabels: []map[string]string{
				{"com.example.csi/zone": "zone1"},
				{"com.example.csi/zone": "zone2"},
				{"com.example.csi/zone": "zone2"},
			},
			topologyKeys: []map[string][]string{
				{testDriverName: []string{"com.example.csi/zone"}},
			},

in which the requisite should only have "com.example.csi/zone": "zone1", right?

[msau42]

Added 2 more test cases.

So actually, we in your case above, requisite has both zone1 and zone2. even though the other nodes don't have csiNode. It's because csiNode is only used to determine which topology keys to use, but we just iterate over all nodes that have the topology key.

[msau42]

addressed latest comments

[verult]

Do we need an issue tracking when to enable this by default?

[msau42]

I'm unsure if we need actually need to. It's important that kubernetes enables topology by default since it needs to be able to support all kinds of drivers, but since this flag is only controlling a specific driver implementation, I'm not sure if it actually gives much benefit being enabled by default.

[verult]

ACK

[verult]

It's super clear. Thanks!

[verult]

Not quite. I'm thinking about the case where k8s nodes are partially upgraded to 1.14, so some nodes have keys but others don't

[msau42]

/hold
debugging e2e test failures

[msau42]

E2E tests are passing (I had to explicitly enable topology in the driver because it's now turned it off by default).

I'll keep the hold to squash commits after review.

[verult]

/lgtm

[msau42]

Squashed commits
/hold cancel

[verult]

/lgtm