kubelet: Add --exit-on-lock-contention flag

This patch adds the --exit-on-lock-contention flag, which must be used
in conjunction with the --lock-file flag. When provided, it causes the
kubelet to watch that lock file for inotify events. When an 'open' or
'delete' event is received for the lock file, the kubelet will exit.
This commit is contained in:
Derek Parker
2016-05-05 15:24:54 -07:00
parent 835a2577f8
commit f307e97f87
11 changed files with 818 additions and 685 deletions

View File

@@ -116,6 +116,7 @@ func NewKubeletServer() *KubeletServer {
NodeLabels: make(map[string]string), NodeLabels: make(map[string]string),
OOMScoreAdj: int32(qos.KubeletOOMScoreAdj), OOMScoreAdj: int32(qos.KubeletOOMScoreAdj),
LockFilePath: "", LockFilePath: "",
ExitOnLockContention: false,
PodInfraContainerImage: GetDefaultPodInfraContainerImage(), PodInfraContainerImage: GetDefaultPodInfraContainerImage(),
Port: ports.KubeletPort, Port: ports.KubeletPort,
ReadOnlyPort: ports.KubeletReadOnlyPort, ReadOnlyPort: ports.KubeletReadOnlyPort,
@@ -220,6 +221,7 @@ func (s *KubeletServer) AddFlags(fs *pflag.FlagSet) {
fs.StringVar(&s.CgroupRoot, "cgroup-root", s.CgroupRoot, "Optional root cgroup to use for pods. This is handled by the container runtime on a best effort basis. Default: '', which means use the container runtime default.") fs.StringVar(&s.CgroupRoot, "cgroup-root", s.CgroupRoot, "Optional root cgroup to use for pods. This is handled by the container runtime on a best effort basis. Default: '', which means use the container runtime default.")
fs.StringVar(&s.ContainerRuntime, "container-runtime", s.ContainerRuntime, "The container runtime to use. Possible values: 'docker', 'rkt'. Default: 'docker'.") fs.StringVar(&s.ContainerRuntime, "container-runtime", s.ContainerRuntime, "The container runtime to use. Possible values: 'docker', 'rkt'. Default: 'docker'.")
fs.StringVar(&s.LockFilePath, "lock-file", s.LockFilePath, "<Warning: Alpha feature> The path to file for kubelet to use as a lock file.") fs.StringVar(&s.LockFilePath, "lock-file", s.LockFilePath, "<Warning: Alpha feature> The path to file for kubelet to use as a lock file.")
fs.BoolVar(&s.ExitOnLockContention, "exit-on-lock-contention", s.ExitOnLockContention, "Whether kubelet should exit upon lock-file contention.")
fs.StringVar(&s.RktPath, "rkt-path", s.RktPath, "Path of rkt binary. Leave empty to use the first rkt in $PATH. Only used if --container-runtime='rkt'.") fs.StringVar(&s.RktPath, "rkt-path", s.RktPath, "Path of rkt binary. Leave empty to use the first rkt in $PATH. Only used if --container-runtime='rkt'.")
fs.StringVar(&s.RktAPIEndpoint, "rkt-api-endpoint", s.RktAPIEndpoint, "The endpoint of the rkt API service to communicate with. Only used if --container-runtime='rkt'.") fs.StringVar(&s.RktAPIEndpoint, "rkt-api-endpoint", s.RktAPIEndpoint, "The endpoint of the rkt API service to communicate with. Only used if --container-runtime='rkt'.")
fs.StringVar(&s.RktStage1Image, "rkt-stage1-image", s.RktStage1Image, "image to use as stage1. Local paths and http/https URLs are supported. If empty, the 'stage1.aci' in the same directory as '--rkt-path' will be used.") fs.StringVar(&s.RktStage1Image, "rkt-stage1-image", s.RktStage1Image, "image to use as stage1. Local paths and http/https URLs are supported. If empty, the 'stage1.aci' in the same directory as '--rkt-path' will be used.")

View File

@@ -19,6 +19,7 @@ package app
import ( import (
"crypto/tls" "crypto/tls"
"errors"
"fmt" "fmt"
"math/rand" "math/rand"
"net" "net"
@@ -289,11 +290,22 @@ func Run(s *options.KubeletServer, kcfg *KubeletConfig) error {
} }
func run(s *options.KubeletServer, kcfg *KubeletConfig) (err error) { func run(s *options.KubeletServer, kcfg *KubeletConfig) (err error) {
if s.ExitOnLockContention && s.LockFilePath == "" {
return errors.New("cannot exit on lock file contention: no lock file specified")
}
done := make(chan struct{})
if s.LockFilePath != "" { if s.LockFilePath != "" {
glog.Infof("aquiring lock on %q", s.LockFilePath) glog.Infof("aquiring lock on %q", s.LockFilePath)
if err := flock.Acquire(s.LockFilePath); err != nil { if err := flock.Acquire(s.LockFilePath); err != nil {
return fmt.Errorf("unable to aquire file lock on %q: %v", s.LockFilePath, err) return fmt.Errorf("unable to aquire file lock on %q: %v", s.LockFilePath, err)
} }
if s.ExitOnLockContention {
glog.Infof("watching for inotify events for: %v", s.LockFilePath)
if err := watchForLockfileContention(s.LockFilePath, done); err != nil {
return err
}
}
} }
if c, err := configz.New("componentconfig"); err == nil { if c, err := configz.New("componentconfig"); err == nil {
c.Set(s.KubeletConfiguration) c.Set(s.KubeletConfiguration)
@@ -383,8 +395,8 @@ func run(s *options.KubeletServer, kcfg *KubeletConfig) (err error) {
return nil return nil
} }
// run forever <-done
select {} return nil
} }
// InitializeTLS checks for a configured TLSCertFile and TLSPrivateKeyFile: if unspecified a new self-signed // InitializeTLS checks for a configured TLSCertFile and TLSPrivateKeyFile: if unspecified a new self-signed

View File

@@ -0,0 +1,44 @@
/*
Copyright 2015 The Kubernetes Authors All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package app
import (
"github.com/golang/glog"
"golang.org/x/exp/inotify"
)
// watchForLockfileContention starts watching the lock file at path for
// inotify events and closes done as soon as the first one arrives.
//
// The watch is registered for IN_OPEN and IN_DELETE_SELF. A background
// goroutine waits for the first event or watcher error, logs it, closes done
// and then releases the watcher.
//
// It returns an error if the watcher cannot be created or the watch cannot be
// added; in that case the waiting goroutine is not started and done is left
// open.
func watchForLockfileContention(path string, done chan struct{}) error {
	watcher, err := inotify.NewWatcher()
	if err != nil {
		glog.Errorf("unable to create watcher for lockfile: %v", err)
		return err
	}
	if err = watcher.AddWatch(path, inotify.IN_OPEN|inotify.IN_DELETE_SELF); err != nil {
		glog.Errorf("unable to watch lockfile: %v", err)
		// Nothing will ever read from this watcher, so release it instead of
		// leaking it. Best-effort cleanup: the AddWatch error is what matters.
		_ = watcher.Close()
		return err
	}
	go func() {
		select {
		case ev := <-watcher.Event:
			glog.Infof("inotify event: %v", ev)
		// Use a goroutine-local variable rather than writing to the enclosing
		// function's err after that function has already returned.
		case watchErr := <-watcher.Error:
			glog.Errorf("inotify watcher error: %v", watchErr)
		}
		close(done)
		// Only the first event is of interest; best-effort release of the
		// watcher once the caller has been signalled.
		_ = watcher.Close()
	}()
	return nil
}

View File

@@ -17,8 +17,9 @@ limitations under the License.
package app package app
import ( import (
"k8s.io/kubernetes/pkg/util/config"
"testing" "testing"
"k8s.io/kubernetes/pkg/util/config"
) )
func TestValueOfAllocatableResources(t *testing.T) { func TestValueOfAllocatableResources(t *testing.T) {

View File

@@ -0,0 +1,25 @@
// +build !linux
/*
Copyright 2015 The Kubernetes Authors All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package app
import "errors"
// watchForLockfileContention is the stub compiled for non-Linux builds (this
// file carries the "!linux" build constraint). It never starts a watch and
// never touches done; it always returns an error saying that lock-file
// contention watching is unavailable, rather than implying the whole kubelet
// is unsupported.
func watchForLockfileContention(path string, done chan struct{}) error {
	return errors.New("watching the lock file for contention is unsupported in this build")
}

View File

@@ -92,6 +92,7 @@ kubelet
--eviction-pressure-transition-period=5m0s: Duration for which the kubelet has to wait before transitioning out of an eviction pressure condition. --eviction-pressure-transition-period=5m0s: Duration for which the kubelet has to wait before transitioning out of an eviction pressure condition.
--eviction-soft="": A set of eviction thresholds (e.g. memory.available<1.5Gi) that if met over a corresponding grace period would trigger a pod eviction. --eviction-soft="": A set of eviction thresholds (e.g. memory.available<1.5Gi) that if met over a corresponding grace period would trigger a pod eviction.
--eviction-soft-grace-period="": A set of eviction grace periods (e.g. memory.available=1m30s) that correspond to how long a soft eviction threshold must hold before triggering a pod eviction. --eviction-soft-grace-period="": A set of eviction grace periods (e.g. memory.available=1m30s) that correspond to how long a soft eviction threshold must hold before triggering a pod eviction.
--exit-on-lock-contention[=false]: Whether kubelet should exit upon lock-file contention.
--experimental-flannel-overlay[=false]: Experimental support for starting the kubelet with the default overlay network (flannel). Assumes flanneld is already running in client mode. [default=false] --experimental-flannel-overlay[=false]: Experimental support for starting the kubelet with the default overlay network (flannel). Assumes flanneld is already running in client mode. [default=false]
--experimental-nvidia-gpus=0: Number of NVIDIA GPU devices on this node. Only 0 (default) and 1 are currently supported. --experimental-nvidia-gpus=0: Number of NVIDIA GPU devices on this node. Only 0 (default) and 1 are currently supported.
--file-check-frequency=20s: Duration between checking config files for new data --file-check-frequency=20s: Duration between checking config files for new data
@@ -159,7 +160,7 @@ kubelet
--volume-stats-agg-period=1m0s: Specifies interval for kubelet to calculate and cache the volume disk usage for all pods and volumes. To disable volume calculations, set to 0. Default: '1m' --volume-stats-agg-period=1m0s: Specifies interval for kubelet to calculate and cache the volume disk usage for all pods and volumes. To disable volume calculations, set to 0. Default: '1m'
``` ```
###### Auto generated by spf13/cobra on 13-May-2016 ###### Auto generated by spf13/cobra on 18-May-2016
<!-- BEGIN MUNGE: GENERATED_ANALYTICS --> <!-- BEGIN MUNGE: GENERATED_ANALYTICS -->

View File

@@ -133,6 +133,7 @@ experimental-nvidia-gpus
experimental-prefix experimental-prefix
external-hostname external-hostname
external-ip external-ip
exit-on-lock-contention
failover-timeout failover-timeout
failure-domains failure-domains
fake-clientset fake-clientset

View File

@@ -272,6 +272,7 @@ func DeepCopy_componentconfig_KubeletConfiguration(in KubeletConfiguration, out
out.RktAPIEndpoint = in.RktAPIEndpoint out.RktAPIEndpoint = in.RktAPIEndpoint
out.RktStage1Image = in.RktStage1Image out.RktStage1Image = in.RktStage1Image
out.LockFilePath = in.LockFilePath out.LockFilePath = in.LockFilePath
out.ExitOnLockContention = in.ExitOnLockContention
out.ConfigureCBR0 = in.ConfigureCBR0 out.ConfigureCBR0 = in.ConfigureCBR0
out.HairpinMode = in.HairpinMode out.HairpinMode = in.HairpinMode
out.BabysitDaemons = in.BabysitDaemons out.BabysitDaemons = in.BabysitDaemons

File diff suppressed because it is too large Load Diff

View File

@@ -273,6 +273,11 @@ type KubeletConfiguration struct {
// It uses this file as a lock to synchronize with other kubelet processes // It uses this file as a lock to synchronize with other kubelet processes
// that may be running. // that may be running.
LockFilePath string `json:"lockFilePath"` LockFilePath string `json:"lockFilePath"`
// ExitOnLockContention is a flag that signifies to the kubelet that it is running
// in "bootstrap" mode. This requires that 'LockFilePath' has been set.
// This will cause the kubelet to listen to inotify events on the lock file,
// releasing it and exiting when another process tries to open that file.
ExitOnLockContention bool `json:"exitOnLockContention"`
// configureCBR0 enables the kubelet to configure cbr0 based on // configureCBR0 enables the kubelet to configure cbr0 based on
// Node.Spec.PodCIDR. // Node.Spec.PodCIDR.
ConfigureCBR0 bool `json:"configureCbr0"` ConfigureCBR0 bool `json:"configureCbr0"`

View File

@@ -69,7 +69,7 @@ type Runtime interface {
APIVersion() (Version, error) APIVersion() (Version, error)
// Status returns error if the runtime is unhealthy; nil otherwise. // Status returns error if the runtime is unhealthy; nil otherwise.
Status() error Status() error
// GetPods returns a list containers group by pods. The boolean parameter // GetPods returns a list of containers grouped by pods. The boolean parameter
// specifies whether the runtime returns all containers including those already // specifies whether the runtime returns all containers including those already
// exited and dead containers (used for garbage collection). // exited and dead containers (used for garbage collection).
GetPods(all bool) ([]*Pod, error) GetPods(all bool) ([]*Pod, error)