Add kubevirt hypervisor #3841
Add kubevirt hypervisor #3841
Conversation
zedi-pramodh
requested review from
rene,
rouming,
milan-zededa and
eriknordmark
as code owners
github-actions
bot
requested review from
jsfakian,
OhmSpectator,
rucoder,
shjala and
uncleDecart
| var i int | ||
| var status string | ||
| var err error | ||
| for { |
There was a problem hiding this comment.
What is the reason to check 6 times? It sounds arbitrary.
Moreover why is an endless loop needed?
There was a problem hiding this comment.
yes, we should put some comments around, and maybe defined a const for the total wait time on this.
There was a problem hiding this comment.
Thx. That sounds good.
There was a problem hiding this comment.
@naiming-zededa your response needed here.
There was a problem hiding this comment.
@zedi-pramodh can you define a const
const WaitForPodCheckCounter 5 // we check each 15 seconds, don't wait for too long to cause watchdog
and also before the 'for {' add comment:
// wait for pod to be in running state, sometimes can take long, but we only wait for
// about a minute in order not to cause watchdog action
and also in 'if i > 5 {', change to use the const
There was a problem hiding this comment.
ack. will be in next commit
There was a problem hiding this comment.
Note that we shouldn't have to worry about watchdogs here. See other comments.
zedi-pramodh
force-pushed
the
add-kubevirt-hyperisor
branch
2 times, most recently
from
ddf251d
to
eced2a3
Compare
|
I agree with you @christoph-zededa but for these PRs all test cases are same as existing test cases. Because nothing changes from EVE API perspective. But when we go to clustering part then for sure we need to get some tests incorporated. |
| @@ -43,14 +43,15 @@ type hypervisorDesc struct { | |||
| var knownHypervisors = map[string]hypervisorDesc{ | |||
| XenHypervisorName: {constructor: newXen, dom0handle: "/proc/xen", hvTypeFileContent: "xen"}, | |||
| KVMHypervisorName: {constructor: newKvm, dom0handle: "/dev/kvm", hvTypeFileContent: "kvm"}, | |||
| KubevirtHypervisorName: {constructor: newKubevirt, dom0handle: "/dev/kvm", hvTypeFileContent: "kubevirt"}, | |||
There was a problem hiding this comment.
It would be a lot easier to read and understand this if we replace the dom0handle string with an enabled func. For the existing one that func would Stat a file and for kubervirt it would be base.IsHVTypeKube()
The functions can even be inline as in
constructor: newXen, enabled: func() bool { _, err := os.Stat("/proc/xen") return err == nil}, hvTypeFileContent: "xen"}
| @@ -93,9 +94,18 @@ func BootTimeHypervisor() Hypervisor { | |||
| // the advice of this function and always ask for the enabled one. | |||
| func GetAvailableHypervisors() (all []string, enabled []string) { | |||
| all = hypervisorPriority | |||
| isHVTypeKube := base.IsHVTypeKube() | |||
| for _, v := range all { | |||
| if _, err := os.Stat(knownHypervisors[v].dom0handle); err == nil { | |||
There was a problem hiding this comment.
With the above suggestion this would become
if knownHypervisors[v].enabled() {
enabled = append(enabled, v)
}
There was a problem hiding this comment.
I will submit a new PR for these suggestions.
zedi-pramodh
force-pushed
the
add-kubevirt-hyperisor
branch
from
3fd948f
to
cfa1c47
Compare
github-actions
bot
requested review from
christoph-zededa,
deitch,
eriknordmark and
naiming-zededa
|
Updated 2 more commits, one for all vendor files coming after bumping the eve-api version and other addressing all review comments until 04/23 |
| } | ||
|
|
||
| // Create the VM | ||
| i := 5 |
There was a problem hiding this comment.
Domainmgr is more patient that that.
It has a separate goroutine for each DomainConfig which handles the create, modify, and delete operations for that task.
Only the main loop in domainmgr has the watchdog hook.
You can see that in the delete/inactivate path where domainmgr can wait for minutes for a VM to halt.
So if there are no reasons for you to not wait forever here for that reason.
HOWEVER, domainmgr has its only logic for retry starting a task if it failed to boot. That uses a configurable timer (maybe 60 seconds by default??).
So question is what type of failures do we see which made you add a retry here, and whether we can simplify this and use the existing retry in domainmgr?
| // wait for pod to be in running state, sometimes can take long, but we only wait for | ||
| // about a minute in order not to cause watchdog action |
There was a problem hiding this comment.
See above. I assuming it is only the create and modify functions in domainmgr which call this, so it can wait forever (but you might want to check for any errors while waiting forever.)
There was a problem hiding this comment.
AFAIR, we retry here to make sure kubernetes is up and running after reboot, it could take more than 2 minutes or so. The number of retries from domainmgr may not be sufficient, we do not want to generically bump up retries in domainmgr.
There was a problem hiding this comment.
May be we can retry forever as long as error is not kubernetes not ready.
There was a problem hiding this comment.
Alternatively if the issue is about k3s not up after a reboot, is there a way we can have e.g., domainmgr wait for it to be fully up and running? Is there a way to check whether it is ready?
If that is the case, then we can return all failures to the caller (and domainmgr will retry the boot after some time using the generic code).
There was a problem hiding this comment.
I am sorry it's been longtime since we wrote this code. We are looping for pod to be ready not k3s. For k3s ready we already do that in domainmgr when it starts. We call kubeapi.WaitForKubernetes() that should ensure k3s is ready.
This additional loop check seems to be to make sure when we launched a VM it reached a ready status. It generally takes sometime for kubernetes to schedule the VMI and start it. @naiming-zededa can you respond to this question.
|
Note that the go tests failed with |
|
Ah looks like I need to fix that test file to include kubevirt. |
|
Sure I will squash all commits once I submit one more commit for the latest review comments. |
|
Apparently there are also DCO issues - see https://github.com/lf-edge/eve/pull/3841/checks?check_run_id=24229268647 |
|
The build appears to be failing due to |
DCO issues seems to be coming from using the option commit the suggestion. I think I will git squash everything to one commit. That should fix it |
No clue what this one is. May be came after bumping to new eve-api |
1) Add Kubevirt hypervisor type in hypervisor.go
2) Since both kvm and kubevirt use /dev/kvm, we will filter the enabled hypervisor by flag isHVTypeKube
3) kubevirt.go implements the hypervisor interface for kubevirt hypervisor
4) Support for VMs, containers as a VM and also launch containers as kubernetes pods if virtualization type NOHYPER is chosen.
5) hostdevices PCIe passthrough is supported for NVMe disks, USB and Network interfaces.
5) Add hvTypeKube to domainmgr context
6) Domainmgr waits until kubernetes is ready for kubevirt type, cleans up any stale VM instances during startup.
7) Metrics collection uses kubernetes metrics collection mechanism for both VMs and containers (pods), but uses the existing domainmetrics
structures to be inconsistent with other flavors of eve
8) Added 3 more states in the types.go PENDING, SCHEDULING and FAILED.
NOTE: This PR contains code written by Naiming Shen too. Especially pod specific and also the metrics collection part.
9) This commit is squash of all commits after addressing review comments
Signed-off-by: Pramodh Pallapothu <pramodh@zededa.com>
zedi-pramodh
force-pushed
the
add-kubevirt-hyperisor
branch
from
ad40404
to
76dc29d
Compare
|
git squashed to single commit and fixed DCO and newlog build issue. |
@zedi-pramodh and then I run |
NOTE: This PR contains code written by @naiming-zededa too. Especially pod specific and also the metrics collection part.