Reorder API calls after successful detach #624
Conversation
Remove a finalizer on a VolumeAttachment (VA) first and then mark its state as detached (if the object still exists). This ensures that ControllerUnpublish is called only once. It won't be called on VA without the finalizer, even if it has `attached: true`. The other way around, i.e. marking the VA as detached first and removing the finalizer later, it can happen that the attacher calls ControllerUnpublish twice. A VA with the finalizer, deletionTimestamp and `attacher: false` is considered as "uncertainly attached" - a previous ControllerPublish might have timed out and the attacher needs to confirm the volume is detached with ControllerUnpublish.
k8s-ci-robot
added
release-note
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jsafrane The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
approved
jsafrane
changed the title
jsafrane
changed the title
|
/assign |
There was a problem hiding this comment.
markAsDetached changes look good to me and indeed remove all duplicate ControllerUnpublish calls.
Validated pr by running 100 replica sts scale tests comparing attacher built from this commit vs v4.8.0. (On Karpenter auto-scalar managed nodes)
Before PR, 17 extra ControllerPublish calls are made. After PR no extra calls are made. See full metrics and attacher logs in this gist.
Thanks!
PS: In Feb 5 SIG Triage I mentioned Karpenter may rely on VA resource. On further look Karpenter only relies on existence of VA resource to stall node termination, not va.attached, so this PR is safe for Karpenter.
|
Non-existence of VA objects and /lgtm |
k8s-ci-robot
added
the
lgtm
What type of PR is this?
/kind bug
What this PR does / why we need it:
Remove a finalizer on a VolumeAttachment (VA) first and then mark its state as detached (if the object still exists).
This ensures that
ControllerUnpublishis called only once. It won't be called on VA without the finalizer, even if it hasattached: true.The other way around, i.e. marking the VA as detached first and removing the finalizer later, it can happen that the attacher calls
ControllerUnpublishtwice. A VA with the finalizer,deletionTimestampandattached: falseis considered as "uncertainly attached" - a previousControllerPublishmight have timed out and the attacher needs to confirm the volume is detached withControllerUnpublish.From outer perspective:
attached: falsefirst and then the finalizer is removed. (AndControllerUnpublishmay be called twice).attached: false. A deleted VolumeAttachment should be considered as detached. (AndControllerUnpublishis called once).Which issue(s) this PR fixes:
Fixes #587
Does this PR introduce a user-facing change?: