Fix bug in detaching disks when node is powered-off but still in inventory in vsphere CP #63413
Conversation
k8s-ci-robot
added
release-note-none
k8s-ci-robot
added
the
needs-ok-to-test
|
/sig vmware |
k8s-ci-robot
added
the
area/provider/vmware
|
/ok-to-test |
k8s-ci-robot
removed
the
needs-ok-to-test
|
/retest |
|
/assign @abrarshivani |
| glog.Infof("Node %q does not exist, disk %s is already detached from node.", convertToString(nodeName), volPath) | ||
| if err == vclib.ErrNoVMFound { | ||
| // If node doesn't exist, discover the node to check if node is still in vcenter inventory | ||
| node, err := vs.nodeManager.GetRemovedNode(nodeName) |
There was a problem hiding this comment.
I think this will not work if controller-manager restarts since this information will vanish. Can you please confirm this?
| @@ -45,10 +45,12 @@ type NodeManager struct { | |||
| nodeInfoMap map[string]*NodeInfo | |||
| // Maps node name to node structure | |||
| registeredNodes map[string]*v1.Node | |||
| removedNodes map[string]*v1.Node | |||
There was a problem hiding this comment.
Node information will still stay even if all the volumes that are attached by the cluster are detached. I would suggest to remove this information when not needed.
|
Hi, @abrarshivani To solve these 2 issues you mentioned, I'm thinking to take a different approach instead like
Would you tell me how do you feel about this approach? |
k8s-ci-robot
added
size/L
|
@abrarshivani Would you please take another look at code? |
| disks, err := vs.nodeManager.GetAttachedDisks(convertToK8sType(node.ObjectMeta.Name)) | ||
| if err == nil { | ||
| for _, disk := range disks { | ||
| if err := vs.DetachDisk(disk, convertToK8sType(node.ObjectMeta.Name)); err != nil { |
There was a problem hiding this comment.
Here DetachDisk won't be retried if it fails (example: In case of network issue to vCenter) and still the volume will be attached to power off node. When kubernetes will retry to detach disk from the deleted node it will fail since node will be unregistered here.
|
@w-leads Thanks for fixing this. I think the right approach would be to report NodeName as Virtual Machine UUID. This way vSphere Cloud Provider will not have any need to maintain the mapping of nodeName to v1.Node or keep the state of attached and detached disk. |
|
@abrarshivani Thanks a lot for reviewing again! So what's your saying is following, is my understanding correct?
In this case, I have no idea to get the info again in case that controller-manager is restarted after the node is powered-off. This is because only VSphere.NodeAdded, NodeDeleted receive v1.Node which contains UUID. Please correct me if I'm wrong |
|
@w-leads Currently, vSphere Cloud Provider uses *v1.Node to get VM UUID and discover the nodes with the uuid. kubelet (if provided |
|
@abrarshivani Thanks for the info. That makes sense. Code will be more simple with vm UUID. |
w-leads
force-pushed
the
bugfix/vsphere-detach-from-removed-node
branch
3 times, most recently
from
5ec4340 to
9c3b9cc
Compare
|
@abrarshivani I made a commit and now detaching disks from removed node will be retried when it fails. If this attached-disks-info method is okay for now, would you take another look please? |
|
@w-leads Sounds good to me. Will take another look. Can you please create an issue to track Virtual Machine UUID as Nodename approach? |
| if len(nm.attachedDisks[convertToString(nodeName)]) == 0 { | ||
| delete(nm.attachedDisks, convertToString(nodeName)) | ||
| } | ||
| nm.attachedDisksLock.Unlock() |
There was a problem hiding this comment.
I would suggest to change this to
defer nm.attachedDisksLock.Unlock()
| func (nm *NodeManager) GetAttachedDisks(nodeName k8stypes.NodeName) []string { | ||
| nm.attachedDisksLock.Lock() | ||
| attachedDisks := nm.attachedDisks[convertToString(nodeName)] | ||
| nm.attachedDisksLock.Unlock() |
There was a problem hiding this comment.
I think attachedDisks needs to be protected with locks. Since this is the same object which will be accessed by RegisterAttachedDisk and UnRegisterAttachedDisk
| if err != nil { | ||
| return nil, err | ||
| } | ||
| func (vs *VSphere) convertVolPathsToDevicePaths(ctx context.Context, nodeName k8stypes.NodeName, volPaths []string) ([]string, error) { |
There was a problem hiding this comment.
Can we go with the earlier way where we accept nodeVolumes here? ErrVMNotFound error can be handled here.
There was a problem hiding this comment.
I suppose this change is necessary.
The function before this change received volumes on all nodes, and if any of nodes was not found, the function and VSphere.DisksAreAttached returned error. However attached-disks information needs to be re-registered in DisksAreAttached in case of controller manager restart. That's why I changed this func to handle volumes on a single node so that DisksAreAttached could just ignore removed nodes instead of returning error before reregistration.
Also, DisksAreAttached has a comment which says "// 5b. If VMs are removed from vSphere inventory they are ignored." So I suppose DisksAreAttached shouldn't give error at this point.
VCP fails to detach disk from powered-off node which is still in vcenter inventory. That's caused because VCP tries to detach disks after nodemanager has unregistered the node information.
This reverts commit 680ab089ce491f27c3602202761d2dd2625bec90.
This reverts commit 0738258143024a28917c4626f6474ffbee552a55.
This reverts commit eea9efdd61a25c3e74dbc54e11aae711ca499c85.
VCP fails to detach disk from powered-off node which is still in vcenter inventory. That's caused because VCP tries to detach disks after nodemanager has unregistered the node information.
w-leads
force-pushed
the
bugfix/vsphere-detach-from-removed-node
branch
from
673f44d to
7e323cf
Compare
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: w-leads If they are not already assigned, you can assign the PR to them by writing The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
removed
the
needs-rebase
|
@w-leads: PR needs rebase. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
the
needs-rebase
| @@ -233,6 +236,19 @@ func init() { | |||
|
|
|||
| // Initialize passes a Kubernetes clientBuilder interface to the cloud provider | |||
| func (vs *VSphere) Initialize(clientBuilder controller.ControllerClientBuilder) { | |||
There was a problem hiding this comment.
Is this method getting invoked in Kubelet? If no, then we should fail the initialization if vs.informerFactory is not set.
Can you confirm if Initialize is invoked after SetInformers?
You are also introducing a vsphere-cloud-provider service account, wouldn't this break Kubernetes upgrade? How do you plan to address upgrade?
There was a problem hiding this comment.
I think we will have to install corresponding rbac policies as defaults.
There was a problem hiding this comment.
This does not get called from kubelet. Also Initialize is called after SetInformers, so I think we should be safe. Having said that, I think the code should work if it can't find configmap as well and revert to old behaviour when configmap isn't found.
| return nil, err | ||
| } | ||
| if configMap.Data == nil { | ||
| nm.vmUUIDConfigMapCache = make(map[string]string) |
There was a problem hiding this comment.
Giving configmap read and write permissions to vSphere Cloud Provider after launching k8s cluster will fail the volume operations. This happens due to node events are occurred before giving permissions and nodeName and vmUUID mapping is not cached at that time. Can you fix this?
There was a problem hiding this comment.
Installing the RBAC permissions via bootstrap policies should fix that right?
|
@w-leads does this PR really needs to be against master because IIRC master isn't affected by this bug. |
|
Issues go stale after 90d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
k8s-ci-robot
added
the
lifecycle/stale
|
Stale issues rot after 30d of inactivity. If this issue is safe to close now please do so with Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
k8s-ci-robot
added
lifecycle/rotten
|
Rotten issues close after 30d of inactivity. Send feedback to sig-testing, kubernetes/test-infra and/or fejta. |
|
@fejta-bot: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
What this PR does / why we need it:
vSphere cloud provider fails to detach disks from powered-off node when the node is still in vCenter inventory. Due to this behavior, the disk needs to be detached manually before powering it on.
This issue is caused because node information is removed from nodemanager when kubernetes detects powered-off node though the information is required when VCP attempts to detach disks afterward.
Which issue(s) this PR fixes (optional, in
fixes #<issue number>(, fixes #<issue_number>, ...)format, will close the issue(s) when PR gets merged):Fixes #
Special notes for your reviewer:
Release note: