PodMounter: Add Mountpoint Pod Sharing Support#439
Conversation
yerzhan7
had a problem deploying
to
approval-gate
GitHub Actions
Failure
yerzhan7
had a problem deploying
to
approval-gate
GitHub Actions
Failure
|
General question: What is the motivation for transitioning from a systemd-based mounter to a pod-based mounter? |
|
Hey @anurag4DSB, see #279 and the linked issues for more details on the motivation why we're moving away from |
Thank you so much. Appreciate the prompt response. |
| var sb strings.Builder | ||
| for _, k := range keys { | ||
| sb.WriteString(k) | ||
| sb.WriteString("=") |
There was a problem hiding this comment.
nit: You can also use WriteRune for single characters but perf wouldn't matter much here probably. So it's fine to keep it as-is as well
| crdv1beta.FieldAuthenticationSource: authSource, | ||
| } | ||
|
|
||
| if authSource == "pod" { |
There was a problem hiding this comment.
Maybe use the constant credentialprovider.AuthenticationSourcePod here? We should probably move these constants to a different package than node/... as now they're also used in controller environment as well but we can do it later
There was a problem hiding this comment.
Fixed. Will address moving to different package separately.
| volumeAttributes := mppod.ExtractVolumeAttributes(pv) | ||
| authSource := volumeAttributes[volumecontext.AuthenticationSource] | ||
| if authSource == "" { | ||
| return "driver" |
There was a problem hiding this comment.
Maybe use credentialprovider.AuthenticationSourceDriver here as well? I feel like defaulting to driver logic should be kept in either credentialprovider or volumecontext package maybe, but we can also address it later
There was a problem hiding this comment.
Yeah, this logic is duplicated, will address it separately.
| // handleInactivePod handles inactive workload pod. | ||
| func (r *Reconciler) handleInactivePod(ctx context.Context, s3pa *crdv1beta.MountpointS3PodAttachment, workloadUID string, log logr.Logger) (bool, error) { | ||
| if s3pa == nil { | ||
| log.Info("Workload pod is not active. Did not find any MountpointS3PodAttachments.") |
There was a problem hiding this comment.
Should we check if we have a pending expectation here? And if so we should requeue it to ensure it would properly clean up once the expectation is satisfied?
There was a problem hiding this comment.
We can add pending expectation check, but most likely if we requeue inactive pod event next time reconciler would just skip it completely because by that time Workload Pod won't be found. I.e. cleanup will be handled by periodic stale attachment cleanup job.
Since handleInactivePod() is "best effort" anyway at the moment I don't think we need this extra check.
Maybe even we don't need handleInactivePod() method at all, and we should rely fully on stale attachment cleaner instead.
| volumeId := mpPod.Labels[mppod.LabelVolumeId] | ||
|
|
||
| if err := u.writeExitFile(podPath); err != nil { | ||
| return |
There was a problem hiding this comment.
Would be nice to log errors here, and also maybe move this logic to a separate function as it's probably the same as what unmount does
| } | ||
|
|
||
| if mpPod == nil { | ||
| klog.V(4).Infof("Mountpoint Pod not found for UID %s, will unmount and delete folder", mpPodUID) |
There was a problem hiding this comment.
Wonder if eventual consistency could cause problems here? Maybe we should keep a counter of not founds and delete it only after N times?
There was a problem hiding this comment.
I think it should not cause an issue because source Mountpoint is created only during NPV call which waits for for that Pod to be available in local cache. I.e. if the source folder exists (and we do not need to unmount) MP Pod should be in cache already.
Plus, we also wait for full Pod cache sync during driver start up before starting periodic cleanup job.
| } | ||
|
|
||
| if mpPod == nil { | ||
| klog.V(4).Infof("Mountpoint Pod not found for UID %s, will unmount and delete folder", mpPodUID) |
There was a problem hiding this comment.
I think it should not cause an issue because source Mountpoint is created only during NPV call which waits for for that Pod to be available in local cache. I.e. if the source folder exists (and we do not need to unmount) MP Pod should be in cache already.
Plus, we also wait for full Pod cache sync during driver start up before starting periodic cleanup job.
3 participants
Issue: #353
Description of changes: This PR adds support for sharing Mountpoint Pods between multiple workload pods when they have compatible configurations. This optimization reduces resource usage by reusing existing Mountpoint Pods instead of creating a new one for each workload pod.
Key Changes:
Custom Resource Definition
Controller Changes
Node Changes
needs-unmountannotation handling for graceful pod cleanupTesting
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.