RFC for Degraded NodePool Status Condition #1910
Conversation
k8s-ci-robot
added
the
do-not-merge/work-in-progress
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: jigisha620 The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
cncf-cla: yes
|
Hi @jigisha620. Thanks for your PR. I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
k8s-ci-robot
added
needs-ok-to-test
jigisha620
force-pushed
the
degraded-nodepool-rfc
branch
from
79262b2 to
1bc7741
Compare
Pull Request Test Coverage Report for Build 12718791708Details
💛 - Coveralls |
designs/degraded-nodepools.md
Outdated
|
|
||
| #### Considerations | ||
|
|
||
| 1. 👎 Heuristics can be wrong and mask failures |
There was a problem hiding this comment.
Could you elaborate on what type of failures are being masked? As for it being wrong, I'm wondering if we should only consider degraded unknown or true. Maybe we don't ever transition it to false?
designs/degraded-nodepools.md
Outdated
|
|
||
| One example is that when a network path does not exist due to a misconfigured VPC (network access control lists, subnets, route tables), Karpenter will not be able to provision compute with that NodeClass that joins the cluster until the error is fixed. Crucially, this will continue to charge users for compute that can never be used in a cluster. | ||
|
|
||
| To improve visibility of these failure modes, this RFC proposes adding a `Degraded` status condition on the Nodepool that indicate to cluster users there may be a problem with a NodePool/NodeClass combination that needs to be investigated and corrected. |
There was a problem hiding this comment.
I think like Jason has called out online and offline, I would make our motivation front and center here. Why do we think that there is a need for something like this to exist? Does it make tracking down failures to NodePools easier? Does alarming get easier with this kind of a setup?
designs/degraded-nodepools.md
Outdated
|
|
||
| Karpenter can launch nodes with a NodePool that will never join a cluster when a NodeClass is misconfigured. | ||
|
|
||
| One example is that when a network path does not exist due to a misconfigured VPC (network access control lists, subnets, route tables), Karpenter will not be able to provision compute with that NodeClass that joins the cluster until the error is fixed. Crucially, this will continue to charge users for compute that can never be used in a cluster. |
There was a problem hiding this comment.
I think listing out tangible, real faillure types that this will catch will help illuminate how we design this.
designs/degraded-nodepools.md
Outdated
| Evaluation conditions - | ||
|
|
||
| 1. We start with an empty buffer with `Degraded: Unknown`. | ||
| 2. There have to be 2 minimum failures in the buffer for `Degraded` to transition to `True` or basically the threshold would be 80%. |
There was a problem hiding this comment.
One thing that I still feel like would be better here is if we considered flipping the polarity of this condition type at all -- Degraded: False meaning that it's healthy feels a bit weird to me but I get that we have to come up with some other word besides "Degraded" that isn't "Ready" and probably isn't "Healthy" to really reflect what this condition is evaluating
designs/degraded-nodepools.md
Outdated
| Unsuccessful Launch: -1 | ||
|
|
||
| [] = 'Degraded: Unknown' | ||
| [-1] = 'Degraded: Unknown' |
There was a problem hiding this comment.
nit: It's slightly confusing to call this "Degraded: Unknown". The only reason that I say that is becasue this doesn't necessarily mean that we transition the condition to Unknown when the condition is already set -- I know this is said above but I did find it a tad semantically odd as I was reading through this and trying to parse-out the design
jigisha620
force-pushed
the
degraded-nodepool-rfc
branch
from
1bc7741 to
3ffdbcc
Compare
jigisha620
changed the title
k8s-ci-robot
removed
the
do-not-merge/work-in-progress
| Last Transition Time: 2025-01-13T18:57:20Z | ||
| Message: | ||
| Observed Generation: 1 | ||
| Reason: Degraded |
There was a problem hiding this comment.
One thing that I had discussed with Reed is making Reason a more structured object and putting a serialized string output of that here since I understand that this has to be a string. That way, we can expose more details including error codes mentioning the reason behind the degradation, expose resource IDs/dependents causing it as well as have more than one reason for the degradation. Making it a structured object will also allow us to parse it better for metrics.
Description
Adding RFC for Degraded NodePool Status Condition.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.