Update Taints field comment in the machine spec
#651
Conversation
|
@vikaschoudhary16: GitHub didn't allow me to request PR reviews from the following users: enxebre. Note that only kubernetes-sigs members and repo collaborators can review this PR, and authors cannot review their own PRs. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
cncf-cla: yes
|
+1 on the change. The doc as described is in conflict with other usages of taints in Kubernetes and other planned work coming in sig-node. |
|
Thanks, this was also my understanding of how we should handle taints after talking to folks on api machinery and node. The only question I have is whether it is possible for our controller to know when a user removes a taint from the machine spec so that it can be removed from the node, or if the additive nature of the machine controller means that we will only apply new taints and never be able to remove them. The /approve |
k8s-ci-robot
added
do-not-merge/hold
|
Is it sufficient for taints on a machine object to only reflect initial state? In practice, the node once actualized should be the source of truth. |
|
I'm with @derekwaynecarr here and I also think that we should rename the field |
I think so... One downside is that it means that if you want to manage taints on nodes you need to think about it in two places, the machine object for not yet created nodes and the node object for ones that exist. And we provide automation that will constantly churning nodes (cluster autoscaler). Another is that we will need to keep track somewhere of whether the taints have been applied to the node yet or not (since the new name would imply that it should only be done once). If we keep the field mutable, we also need to decide what the behavior should be if it's changed. If new taints are added, should they be applied retroactively? Or just to new nodes? If a user had previously removed one of the initial taints, should it be replaced? We should also think about changing the intended behavior of labels as well, since they should behave the same way as nodes. |
Do we though? I would assume that we could consider that a bootstrapping step that is applied as part of the node bringup (exposed through kubeadm or other bootstrapping tool).
I'd be okay with us updating the field to be immutable. I'm not sure how we would enforce that, though. Is there some mechanism exposed by kubebuilder or CRDs for doing so?
+1 for treating labels the same way. |
|
+1 for keeping the field immutable. Doing this, management of taints wont be required at two places rather at just nodes. |
Having the field immutable and considering the node the source of truth for farther updates sounds reasonable. The initialTaints setup could be considered a part of the node controller "linking" #658 Keeping consistency with labels sounds good. |
|
This came up during the subproject meeting today. /cc @dlipovetsky |
|
@roberthbailey: GitHub didn't allow me to request PR reviews from the following users: dlipovetsky. Note that only kubernetes-sigs members and repo collaborators can review this PR, and authors cannot review their own PRs. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
One thing we discussed was having the set of taints that are specified on the machine be actively reconciled (e.g. if you ask the machine controller to apply a taint and then manually remove the taint the machine controller will put it back) but not have the machine controller remove any taints. The same would go for labels and annotations. This would make the behavior both more understandable and also allow us to build complementary automation around taint/label management. |
This seems to work with what I think is a common use case of the In the design your described, an empty set of taints means "add no taints, but remove no taints," and this matches the semantics of the use case I describe. |
|
Related to #658. Also for reference kubernetes/kubernetes#73097 |
|
This PR needs a rebase. |
vikaschoudhary16
force-pushed
the
taint-comment
branch
from
d975330 to
8f022b1
Compare
k8s-ci-robot
removed
lgtm
k8s-ci-robot
added
the
size/XS
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: roberthbailey, vikaschoudhary16, vincepri The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
Leaving it on hold until next week's community meeting so we can give folks a heads up :) |
|
thanks @vincepri !!! |
|
Removing hold since it's been a week |
k8s-ci-robot
removed
the
do-not-merge/hold
…tatement Add CAPV image disclaimer
What this PR does / why we need it:
This PR fixes description of a field, Taints, in the machine spec. Current description mentions that the list of taints in the machine spec should be applied to the node in a "authoritative" manner and should overwrite any other existing taints on the node with this list of the taints. This is not correct because it conflicts with existing features such as taint-nodes-by-condition and upcoming features like shutdown taint
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):Fixes #
Release note:
/cc @roberthbailey @derekwaynecarr @enxebre