Fix Race conditions in Targeted Deletion of machines by CA

cluster-autoscaler/cloudprovider/mcm/mcm_cloud_provider.go

@@ -24,8 +24,13 @@ package mcm
 import (
 	"context"
 	"fmt"
+	"github.com/gardener/machine-controller-manager/pkg/apis/machine/v1alpha1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/util/sets"
+	"slices"
 	"strconv"
 	"strings"
+	"sync"
 	"time"
 
 	apiv1 "k8s.io/api/core/v1"
@@ -67,15 +72,14 @@ const (
 // MCMCloudProvider implements the cloud provider interface for machine-controller-manager
 // Reference: https://github.com/gardener/machine-controller-manager
 type mcmCloudProvider struct {
-	mcmManager         *McmManager
-	machinedeployments map[types.NamespacedName]*MachineDeployment
-	resourceLimiter    *cloudprovider.ResourceLimiter
+	mcmManager      *McmManager
+	resourceLimiter *cloudprovider.ResourceLimiter
 }
 
 // BuildMcmCloudProvider builds CloudProvider implementation for machine-controller-manager.
 func BuildMcmCloudProvider(mcmManager *McmManager, resourceLimiter *cloudprovider.ResourceLimiter) (cloudprovider.CloudProvider, error) {
 	if mcmManager.discoveryOpts.StaticDiscoverySpecified() {
-		return buildStaticallyDiscoveringProvider(mcmManager, mcmManager.discoveryOpts.NodeGroupSpecs, resourceLimiter)
+		return buildStaticallyDiscoveringProvider(mcmManager, resourceLimiter)
 	}
 	return nil, fmt.Errorf("Failed to build an mcm cloud provider: Either node group specs or node group auto discovery spec must be specified")
 }
@@ -96,16 +100,10 @@ func BuildMCM(opts config.AutoscalingOptions, do cloudprovider.NodeGroupDiscover
 	return provider
 }
 
-func buildStaticallyDiscoveringProvider(mcmManager *McmManager, specs []string, resourceLimiter *cloudprovider.ResourceLimiter) (*mcmCloudProvider, error) {
+func buildStaticallyDiscoveringProvider(mcmManager *McmManager, resourceLimiter *cloudprovider.ResourceLimiter) (*mcmCloudProvider, error) {
 	mcm := &mcmCloudProvider{
-		mcmManager:         mcmManager,
-		machinedeployments: make(map[types.NamespacedName]*MachineDeployment),
-		resourceLimiter:    resourceLimiter,
-	}
-	for _, spec := range specs {
-		if err := mcm.addNodeGroup(spec); err != nil {
-			return nil, err
-		}
+		mcmManager:      mcmManager,
+		resourceLimiter: resourceLimiter,
 	}
 	return mcm, nil
 }
@@ -116,31 +114,14 @@ func (mcm *mcmCloudProvider) Cleanup() error {
 	return nil
 }
 
-// addNodeGroup adds node group defined in string spec. Format:
-// minNodes:maxNodes:namespace.machineDeploymentName
-func (mcm *mcmCloudProvider) addNodeGroup(spec string) error {
-	machinedeployment, err := buildMachineDeploymentFromSpec(spec, mcm.mcmManager)
-	if err != nil {
-		return err
-	}
-	mcm.addMachineDeployment(machinedeployment)
-	return nil
-}
-
-func (mcm *mcmCloudProvider) addMachineDeployment(machinedeployment *MachineDeployment) {
-	key := types.NamespacedName{Namespace: machinedeployment.Namespace, Name: machinedeployment.Name}
-	mcm.machinedeployments[key] = machinedeployment
-	return
-}
-
 func (mcm *mcmCloudProvider) Name() string {
 	return "machine-controller-manager"
 }
 
 // NodeGroups returns all node groups configured for this cloud provider.
 func (mcm *mcmCloudProvider) NodeGroups() []cloudprovider.NodeGroup {
-	result := make([]cloudprovider.NodeGroup, 0, len(mcm.machinedeployments))
-	for _, machinedeployment := range mcm.machinedeployments {
+	result := make([]cloudprovider.NodeGroup, 0, len(mcm.mcmManager.machineDeployments))
+	for _, machinedeployment := range mcm.mcmManager.machineDeployments {
 		if machinedeployment.maxSize == 0 {
 			continue
 		}
@@ -172,7 +153,7 @@ func (mcm *mcmCloudProvider) NodeGroupForNode(node *apiv1.Node) (cloudprovider.N
 	}
 
 	key := types.NamespacedName{Namespace: md.Namespace, Name: md.Name}
-	_, isManaged := mcm.machinedeployments[key]
+	_, isManaged := mcm.mcmManager.machineDeployments[key]
 	if !isManaged {
 		klog.V(4).Infof("Skipped node %v, it's not managed by this controller", node.Spec.ProviderID)
 		return nil, nil
@@ -293,8 +274,9 @@ type MachineDeployment struct {
 
 	mcmManager *McmManager
 
-	minSize int
-	maxSize int
+	scalingMutex sync.Mutex
+	minSize      int
+	maxSize      int
 }
 
 // MaxSize returns maximum size of the node group.
@@ -343,6 +325,8 @@ func (machinedeployment *MachineDeployment) IncreaseSize(delta int) error {
 	if delta <= 0 {
 		return fmt.Errorf("size increase must be positive")
 	}
+	machinedeployment.scalingMutex.Lock()
+	defer machinedeployment.scalingMutex.Unlock()
 	size, err := machinedeployment.mcmManager.GetMachineDeploymentSize(machinedeployment)
 	if err != nil {
 		return err
@@ -366,6 +350,8 @@ func (machinedeployment *MachineDeployment) DecreaseTargetSize(delta int) error
 	if delta >= 0 {
 		return fmt.Errorf("size decrease size must be negative")
 	}
+	machinedeployment.scalingMutex.Lock()
+	defer machinedeployment.scalingMutex.Unlock()
 	size, err := machinedeployment.mcmManager.GetMachineDeploymentSize(machinedeployment)
 	if err != nil {
 		return err
@@ -380,6 +366,54 @@ func (machinedeployment *MachineDeployment) DecreaseTargetSize(delta int) error
 	}, "MachineDeployment", "update", machinedeployment.Name)
 }
 
+// Refresh resets the priority annotation for the machines that are not present in machines-marked-by-ca-for-deletion annotation on the machineDeployment
+func (machineDeployment *MachineDeployment) Refresh() error {
+	machineDeployment.scalingMutex.Lock()
+	defer machineDeployment.scalingMutex.Unlock()
+	mcd, err := machineDeployment.mcmManager.machineDeploymentLister.MachineDeployments(machineDeployment.Namespace).Get(machineDeployment.Name)
+	if err != nil {
+		return fmt.Errorf("failed to get machine deployment %s: %v", machineDeployment.Name, err)
+	}
+	// ignore the machine deployment if it is in rolling update
+	if !isRollingUpdateFinished(mcd) {
+		klog.Infof("machine deployment %s is under rolling update, skipping", machineDeployment.Name)
+		return nil
+	}
+	markedMachines := sets.New(strings.Split(mcd.Annotations[machinesMarkedByCAForDeletion], ",")...)
+	machines, err := machineDeployment.mcmManager.getMachinesForMachineDeployment(machineDeployment.Name)
+	if err != nil {
+		klog.Errorf("[Refresh] failed to get machines for machine deployment %s, hence skipping it. Err: %v", machineDeployment.Name, err.Error())
+		return err
+	}
+	var incorrectlyMarkedMachines []*Ref
+	for _, machine := range machines {
+		// no need to reset priority for machines already in termination or failed phase
+		if machine.Status.CurrentStatus.Phase == v1alpha1.MachineTerminating || machine.Status.CurrentStatus.Phase == v1alpha1.MachineFailed {
+			continue
+		}
+		if annotValue, ok := machine.Annotations[machinePriorityAnnotation]; ok && annotValue == priorityValueForCandidateMachines && !markedMachines.Has(machine.Name) {
+			incorrectlyMarkedMachines = append(incorrectlyMarkedMachines, &Ref{Name: machine.Name, Namespace: machine.Namespace})
+		}
+	}
+	var updatedMarkedMachines []string
+	for machineName := range markedMachines {
+		if slices.ContainsFunc(machines, func(mc *v1alpha1.Machine) bool {
+			return mc.Name == machineName
+		}) {
+			updatedMarkedMachines = append(updatedMarkedMachines, machineName)
+		}
+	}
+	clone := mcd.DeepCopy()
+	clone.Annotations[machinesMarkedByCAForDeletion] = strings.Join(updatedMarkedMachines, ",")
+	ctx, cancelFn := context.WithTimeout(context.Background(), machineDeployment.mcmManager.maxRetryTimeout)
+	defer cancelFn()
+	_, err = machineDeployment.mcmManager.machineClient.MachineDeployments(machineDeployment.Namespace).Update(ctx, clone, metav1.UpdateOptions{})
+	if err != nil {
+		return err
+	}
+	return machineDeployment.mcmManager.resetPriorityForMachines(incorrectlyMarkedMachines)
+}
+
 // Belongs returns true if the given node belongs to the NodeGroup.
 // TODO: Implement this to iterate over machines under machinedeployment, and return true if node exists in list.
 func (machinedeployment *MachineDeployment) Belongs(node *apiv1.Node) (bool, error) {
@@ -541,9 +575,10 @@ func buildMachineDeploymentFromSpec(value string, mcmManager *McmManager) (*Mach
 
 func buildMachineDeployment(mcmManager *McmManager, minSize int, maxSize int, namespace string, name string) *MachineDeployment {
 	return &MachineDeployment{
-		mcmManager: mcmManager,
-		minSize:    minSize,
-		maxSize:    maxSize,
+		mcmManager:   mcmManager,
+		minSize:      minSize,
+		maxSize:      maxSize,
+		scalingMutex: sync.Mutex{},
 		Ref: Ref{
 			Name:      name,
 			Namespace: namespace,