Comparing https://gcsweb.k8s.io/gcs/kubernetes-ci-logs/logs/ci-kubernetes-e2e-capz-master-windows/1856416666905219072/artifacts/ with https://gcsweb.k8s.io/gcs/kubernetes-ci-logs/logs/ci-kubernetes-e2e-capz-master-windows/1856461965182898176/artifacts/

not clear why it failed. Asked experts in #128875 (comment)

capz-windows-master has recovered https://testgrid.k8s.io/sig-release-master-informing#capz-windows-master&width=20

I think this ticket is for investigating why inplace broke this job.

/triage accepted
/priority important-soon

This was the main reason why I was +1 on the revert as I think we had a decent understanding of the test problem but this one is perplexing to me.

/sig node windows

This was the main reason why I was +1 on the revert as I think we had a decent understanding of the test problem but this one is perplexing to me.

Correct , the kubetest2 failure discussed here is also the other reason . We need to solve both those problems to put back InPlacePodVerticalScaling beta . I strongly think kubetest2 relate with test code .

/cc @tallclair @AnishShah

capz-windows-master has recovered https://testgrid.k8s.io/sig-release-master-informing#capz-windows-master&width=20

This run from https://prow.k8s.io/pr-history/?org=kubernetes&repo=kubernetes&pr=128880 passes without the revert https://prow.k8s.io/view/gs/kubernetes-ci-logs/pr-logs/pull/128880/pull-kubernetes-e2e-capz-windows-master/1859388054804893696

This was the main reason why I was +1 on the revert as I think we had a decent understanding of the test problem but this one is perplexing to me.

Correct , the kubetest2 failure discussed here is also the other reason . We need to solve both those problems to put back InPlacePodVerticalScaling beta . I strongly think kubetest2 relate with test code .

/cc @tallclair @AnishShah

Please check here and here updates for kubetest2 .

I do some tests on Windows via #128876 and #128927.

Create a pod with a configmap volume and check the permission of the volume.

It shows that the permission of the volume is correct. the expected permission is rwxrwxr-x and the actual permission is rwxrwxr-x. https://storage.googleapis.com/kubernetes-ci-logs/pr-logs/pull/128876/pull-kubernetes-e2e-capz-windows-master/1859544395364175872/artifacts/windows-tests-4712/pod-configmaps-99afca0f-ec2f-4eb1-84d9-cff78011da98/agnhost-container/logs.txt

Path   : Microsoft.PowerShell.Core\FileSystem::C:\etc\configmap-volume\path\to\
         data-2
Owner  : BUILTIN\Administrators
Group  : NT AUTHORITY\SYSTEM
Access : NT AUTHORITY\Authenticated Users Allow  Modify, Synchronize
         NT AUTHORITY\SYSTEM Allow  FullControl
         BUILTIN\Administrators Allow  FullControl
         BUILTIN\Users Allow  ReadAndExecute, Synchronize
Audit  : 
Sddl   : O:BAG:SYD:AI(A;ID;0x1301bf;;;AU)(A;ID;FA;;;SY)(A;ID;FA;;;BA)(A;ID;0x12
         00a9;;;BU)

It shows that the permission of the volume is incorrect. the expected permission is rwxrwxr-x but the actual permission is rwx---r-x. https://storage.googleapis.com/kubernetes-ci-logs/pr-logs/pull/128927/pull-kubernetes-e2e-capz-windows-master/1859786417295593472/artifacts/windows-tests-8460/pod-configmaps-38456fd5-e545-48fc-94c0-465f699797b1/agnhost-container/logs.txt

Path   : Microsoft.PowerShell.Core\FileSystem::C:\etc\configmap-volume\path\to\
         data-2
Owner  : BUILTIN\Administrators
Group  : NT AUTHORITY\SYSTEM
Access : BUILTIN\Administrators Allow  FullControl
         S-1-5-21-3344892312-2374761293-1590377129-513 Allow  ReadAndExecute, 
         Synchronize
         BUILTIN\Users Allow  ReadAndExecute, Synchronize
Audit  : 
Sddl   : O:BAG:SYD:AI(A;ID;FA;;;BA)(A;ID;0x1200a9;;;S-1-5-21-3344892312-2374761
         293-1590377129-513)(A;ID;0x1200a9;;;BU)

We can see the difference on access control list. I didn't know the reason why other tests affected the directory permission. #128880 may not fix the root cause of the issue.

cc @esotsal @pacoxu @aojea

Thanks @carlory , comparing runs from your tests, i am a bit puzzled now. Checking your PR runs without IPPVS and PR runs with IPPVS .

If i understand correctly , you don't have successful runs with IPPVs, but in #12880 we had some green runs , does this mean that it might not fix the root cause , but could it be that reduces the flakiness?. Does this mean that InPlacePodVerticalScaling is not the root cause but InPlacePodVerticalScaling increases the number of flake tests ? .

does this mean that it might not fix the root cause , but could it be that reduces the flakiness?.

@esotsal Yes, it is. #128880 only changes the test code, not the feature itself. Users may encounter the same issue when their clusters enable IPPVs.

To be honest, I'm very confused about why #128880 reduces the flakiness or resolves this issue, but the fact is that it does because the ci is green again.

The Access list I mentioned in the previous comment may help some developers understand what happened in the test.

Though I'm not sure this is related to the failures, there are the following messages in kubelet.log in failed cases:

E1120 14:36:37.747170    2972 kuberuntime_manager.go:681] "Unable to get resource configuration" pod="cloud-node-manager-windows-n9klf"
E1120 14:36:37.747170    2972 pod_workers.go:1301] "Error syncing pod, skipping" err="failed to SyncPod: unable to get resource configuration processing resize for pod cloud-node-manager-windows-n9klf" pod="kube-system/cloud-node-manager-windows-n9klf" podUID="fe6bd320-6e2e-481f-9377-c55cb58a4907"

It looks that doPodResizeAction() was called unexpectedly on windows:

There may be something wrong with this feature regarding Windows.

Thanks @hshiina , definitely this is not correct, windows are not supported for InPlacePodVerticalScaling ! Perhaps #128936 might fix this ? /cc @tallclair @vinaykul

https://github.com/kubernetes/kubernetes/pull/128936/files

You have just aswered the question of this issue @hshiina , thanks!

Should we increase priority to critical-urgent @pacoxu ?

Even if InPlacePodVerticalScaling is not Beta , if end user enables InPlacePodVerticalScaling it will have the same consequences on a Windows system.

Should we increase priority to critical-urgent @pacoxu ?

Given that the feature is alpha, we don't cherry-pick bugs for alpha features so I don't see the need at that moment.

/priority important-soon

This means we want this for 1.33 which I think is what we want.

Should we increase priority to critical-urgent @pacoxu ?

Given that the feature is alpha, we don't cherry-pick bugs for alpha features so I don't see the need at that moment.

/priority important-soon

This means we want this for 1.33 which I think is what we want.

Thanks for clarifying!

Is this possible to be related to #129083?

• I try to do some test based on current master.

Is this possible to be related to #129083?

• I try to do some test based on current master.

Confirmed. The issue is not related. Current master + enabling VPA beta will fail for https://prow.k8s.io/view/gs/kubernetes-ci-logs/pr-logs/pull/128040/pull-kubernetes-e2e-capz-windows-master/1867106924625924096.

I think #129214 should address this.

/reopen due to #129217

@AnishShah: Reopened this issue.