feat: Support multiple MOFED DS #691
Conversation
rollandf
added
the
on hold
|
/retest-all |
rollandf
force-pushed
the
nodepool
branch
7 times, most recently
from
e765759
to
f1602c3
Compare
|
/retest-all |
rollandf
force-pushed
the
nodepool
branch
2 times, most recently
from
329b06a
to
57a1c3d
Compare
|
/retest-all |
|
/retest-blackduck_scan |
|
/retest-blackduck_scan |
rollandf
force-pushed
the
nodepool
branch
2 times, most recently
from
f1501b6
to
7556451
Compare
|
Depends on NVIDIA/k8s-operator-libs#8 |
rollandf
force-pushed
the
nodepool
branch
2 times, most recently
from
b3d392c
to
bf02b16
Compare
rollandf
force-pushed
the
nodepool
branch
2 times, most recently
from
ff1ffc2
to
b635fad
Compare
rollandf
removed
the
on hold
There was a problem hiding this comment.
General question - in the default case for someone updating to Network Operator 24.04 this will cause a full rollout of the DS across all nodes, even if the version of OFED etc. remains the same. The only way to avoid this AFAICT is to opt out of migration using an environment variable.
Is this the expected upgrade path for users in general? i.e. a network operator update requires a rollout of OFED - meaning nodes are offline for a non-trivial period?
pkg/utils/utils.go
Outdated
| func GetStringHash(s string) string { | ||
| hasher := fnv.New32a() | ||
| if _, err := hasher.Write([]byte(s)); err != nil { | ||
| panic(err) | ||
| } | ||
| return rand.SafeEncodeString(fmt.Sprint(hasher.Sum32())) | ||
| } |
There was a problem hiding this comment.
We should probably just keep this private and beside where it's used unless there's a reason to have it in this Utils package
There was a problem hiding this comment.
Agreed, moved to state package
| if err := migrate.Migrate(stopCtx, setupLog.WithName("migrate"), directClient); err != nil { | ||
| setupLog.Error(err, "failed to run migration logic") | ||
| os.Exit(1) | ||
| migrationCompletionChan := make(chan struct{}) | ||
| m := migrate.Migrator{ | ||
| K8sClient: directClient, | ||
| MigrationCh: migrationCompletionChan, | ||
| LeaderElection: enableLeaderElection, | ||
| Logger: ctrl.Log.WithName("Migrator"), | ||
| } |
There was a problem hiding this comment.
What's the reason for moving this logic to a runnable?
There was a problem hiding this comment.
We want to use the leader election mechanism and make sure it runs only when we get the leader election by using mgr.Add(&m) which requires a runnable.
Otherwise old instance of operator can recreate the DS after the new one deleted.
In Helm, we have a pre-hook that scale down the deployment, but we won't have it in OpenShift
There was a problem hiding this comment.
Would it be possible to deprecate the helm hooks in favor of this approach?
There was a problem hiding this comment.
I think one of thing we would like is to get rid of creating the instance of NicClusterPolicy as part of the helm before we go and remove this hook.
The process should be:
- upgrade operator
- wait for operator to be running
- update NCP with new values
There was a problem hiding this comment.
Let's try to get this prioritized IMO - makes a lot of things simpler for deploying network operator.
Usually, Network Operator release comes with a new MOFED, meaning a rollout of nodes during the upgrade. |
pkg/state/state_ofed.go
Outdated
| @@ -504,7 +516,7 @@ func (s *stateOFED) getInitContainerConfig( | |||
| // getMofedDriverImageName generates MOFED driver image name based on the driver version specified in CR | |||
| // TODO(adrianc): in Network-Operator v1.5.0, we should just use the new naming scheme | |||
There was a problem hiding this comment.
Can we remove this TODO? Not sure exactly what it's refereeing to.
| reqLogger.V(consts.LogLevelInfo).Info("No nodes with Mellanox NICs where found in the cluster.") | ||
| return []*unstructured.Unstructured{}, nil | ||
| } | ||
| objs := make([]*unstructured.Unstructured, 0) | ||
| renderedObjsMap := stateObjects{} | ||
| for _, np := range nodePools { |
There was a problem hiding this comment.
Could we break out what's inside this loop into a seperate function?
pkg/state/state_ofed.go
Outdated
| for _, np := range nodePools { | ||
| nodePool := np | ||
|
|
||
| useDtk := clusterInfo.IsOpenshift() && config.FromEnv().State.OFEDState.UseDTK |
There was a problem hiding this comment.
I think some of the actions in this loop - setting defaults on the NCP, checking if we useDTK, certconfig and repo config can be handled outside this loop and just passed into render the manifest when we need it. WDYT?
There was a problem hiding this comment.
Done.
certconfig and repo config need to be in the loop it needs osname, that in theory can different in pools
| select { | ||
| case <-r.MigrationCh: | ||
| case <-ctx.Done(): | ||
| return ctrl.Result{}, fmt.Errorf("canceled") | ||
| } |
There was a problem hiding this comment.
We should probably add this to all controllers - even if not strictly needed right now. Might even be worth doing a reconcile-wrapper, but I think this snipped as is in all controllers is good enough for now. Maybe also add a comment to give folks clues as to what we're waiting for at this point.
There was a problem hiding this comment.
nit: it would be good to make it in a separate commit
rollandf
force-pushed
the
nodepool
branch
2 times, most recently
from
cde2088
to
7d70631
Compare
There was a problem hiding this comment.
Just some nits around logging - maybe worth taking as a follow-up. One log that's wrong and elsewhere we shouldn't be logging if we're returning the error.
If we want to add context we should wrap the error but let controller runtime do the logging so it's not confusing and duplicated for users.
pkg/migrate/migrate.go
Outdated
| @@ -55,6 +84,11 @@ func migrate(ctx context.Context, log logr.Logger, c client.Client) error { | |||
| log.V(consts.LogLevelError).Error(err, "error trying to remove state label on NV IPAM configmap") | |||
| return err | |||
| } | |||
| if err := handleSingleMofedDS(ctx, log, c); err != nil { | |||
| // critical for the operator operation, will fail Mofed migration | |||
| log.V(consts.LogLevelError).Error(err, "error trying to remove state label on NV IPAM configmap") | |||
There was a problem hiding this comment.
This error message should be updated
pkg/migrate/migrate.go
Outdated
| log.V(consts.LogLevelDebug).Info("NIC ClusterPolicy not found, skip handling single MOFED DS") | ||
| return nil | ||
| } else if err != nil { | ||
| log.V(consts.LogLevelError).Error(err, "fail to get NIC ClusterPolicy") |
There was a problem hiding this comment.
No need to log if we're returning the error here AFAIK.
Mofed driver precompiled container images are compiled using a specific Kernel. As a result, the Mofed Driver DaemonSet should have the Kernel as part of the Node Selector. In addition, since there can be Nodes with different Kernel versions, a DaemonSet for each existing Kernel in the cluster is created. In the Migration module, the former DS is deleted with DeletePropagationOrphan so that MOFED pods will still exists until manual or auto-upgrade is done. Signed-off-by: Fred Rolland <[email protected]>
| select { | ||
| case <-r.MigrationCh: | ||
| case <-ctx.Done(): | ||
| return ctrl.Result{}, fmt.Errorf("canceled") | ||
| } |
There was a problem hiding this comment.
nit: it would be good to make it in a separate commit
Mofed driver precompiled container images
are compiled using a specific Kernel.
As a result, the Mofed Driver DaemonSet should
have the Kernel as part of the Node Selector.
In addition, since there can be Nodes with different Kernel versions, a DaemonSet for each existing Kernel in the cluster is created.