Fix availability set cache in vmss cache #537
Conversation
k8s-ci-robot
added
release-note
k8s-ci-robot
added
the
size/M
|
/assign @aramase @jsturtevant @alexeldeib @feiskyer |
|
will fix/add UTs shortly. Please feel free to review the code in the meantime. |
CecileRobertMichon
force-pushed
the
fix-vm-cache
branch
from
5c9c1ab to
0eec650
Compare
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
/hold |
k8s-ci-robot
added
the
do-not-merge/hold
pkg/provider/azure_vmss.go
Outdated
| @@ -210,7 +211,7 @@ func (ss *scaleSet) getVmssVM(nodeName string, crt azcache.AzureCacheReadType) ( | |||
|
|
|||
| // GetPowerStatusByNodeName returns the power state of the specified node. | |||
| func (ss *scaleSet) GetPowerStatusByNodeName(name string) (powerState string, err error) { | |||
| managedByAS, err := ss.isNodeManagedByAvailabilitySet(name, azcache.CacheReadTypeUnsafe) | |||
There was a problem hiding this comment.
This change would cause every not found node to trigger cache updates and may cause issues when a large number of nodes are deleted or newly created. Have you done some validations on these scenarios?
There was a problem hiding this comment.
Correct. See my note in PR description:
Note that this approach minimizes cache refreshes by not refreshing unless necessary, but it does add extra GET API calls whenever a new node joins the cluster. This can be skipped altogether with the DisableAvailabilitySetNodes flag that is already implemented. It's not perfect but it will fix most scenarios for CAPZ. In the future, I'd like to propose a new "mixed" or "hybrid" VMSet implementation that is truly aware of both VMs and VMSS nodes as a more long-term fix.
We already do the same thing for VMSS: https://github.com/kubernetes-sigs/cloud-provider-azure/blob/master/pkg/provider/azure_vmss.go#L182-L188
There isn't a way to avoid this, unfortunately, if the node just joined the cluster and we've never fetched its corresponding VM/VMSS.
There was a problem hiding this comment.
since we are doing the refresh below based on the new diff between new nodes and known vms, I am not sure that this change is required? If it isn't in the cache but the node is new then it is forced by https://github.com/kubernetes-sigs/cloud-provider-azure/pull/537/files#diff-e6715e02b5aa5f8b693bf3e14dd99dd9a160f0f0f1481df96891af24fc3a5fffR333
There was a problem hiding this comment.
may cause issues when a large number of nodes are deleted or newly created
This will only be an issue if the nodes come up in sequence? I.E. if a node is added every 5 mins we would have an api call every five minutes.
Do we have any data on how often that type scenario occurs? Maybe during node auto scaler operations?
There was a problem hiding this comment.
Yeah, I think we can keep the cache read type unsafe as we are doing a force refresh if not found in the cache.
There was a problem hiding this comment.
Yeah, I think we can keep the cache read type unsafe as we are doing a force refresh if not found in the cache.
Correct, reverted that change
There was a problem hiding this comment.
thanks for the discussion and addressing the issues
|
I think this does solve the 15 mins on initial boot or when the nodes are fetch right before a scale event and it does mitigate the extra api calls by only doing it if the node is new to the cluster. Couple of thoughts for the future:
|
pkg/provider/azure_vmss.go
Outdated
| @@ -210,7 +211,7 @@ func (ss *scaleSet) getVmssVM(nodeName string, crt azcache.AzureCacheReadType) ( | |||
|
|
|||
| // GetPowerStatusByNodeName returns the power state of the specified node. | |||
| func (ss *scaleSet) GetPowerStatusByNodeName(name string) (powerState string, err error) { | |||
| managedByAS, err := ss.isNodeManagedByAvailabilitySet(name, azcache.CacheReadTypeUnsafe) | |||
There was a problem hiding this comment.
Yeah, I think we can keep the cache read type unsafe as we are doing a force refresh if not found in the cache.
Typically this is determined from the |
CecileRobertMichon
force-pushed
the
fix-vm-cache
branch
from
0eec650 to
fd315b0
Compare
k8s-ci-robot
removed
the
lgtm
k8s-ci-robot
added
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: CecileRobertMichon, feiskyer The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
New changes are detected. LGTM label has been removed. |
k8s-ci-robot
removed
the
lgtm
feiskyer
added
the
lgtm
What type of PR is this?
/kind bug
What this PR does / why we need it: This fixes a bug affecting clusters with virtual machines when vmType is set to "vmss". What happens is the control manager comes online and queries for azure machines power status. Since the machines are not available yet they are not in the cache. When the request comes in for the load balancer the cache is queried and reports that the node does not exist as a VMAS and attempts to run the VMSS code hence the following error message:
failed: not a vmss instance. The same error also occurs when trying to expose a load balancer service. When it is found the cache it goes down the correct code path.This adds logic to the vmss cache to refresh the availability set cache if the node it is querying for has joined the cluster since the last cache refresh, or if the cache has expired. Note that this approach minimizes cache refreshes by not refreshing unless necessary, but it does add extra GET API calls whenever a new node joins the cluster. This can be skipped altogether with the
DisableAvailabilitySetNodesflag that is already implemented. It's not perfect but it will fix most scenarios for CAPZ. In the future, I'd like to propose a new "mixed" or "hybrid" VMSet implementation that is truly aware of both VMs and VMSS nodes as a more long term fix.Which issue(s) this PR fixes:
Fixes #363
Special notes for your reviewer: @feiskyer if I want this fix to make it back into the in tree provider, what's the best way to proceed?
Release note: