feat: implement kwok cloud provider

[vadasambar]

Signed-off-by: vadasambar [email protected]

What type of PR is this?

/kind feature

What this PR does / why we need it:

This PR implements kwok provider (kwok is a more performant alternative to kubemark; it doesn't require creation of a separate master/cluster for testing) for scale testing CA to identify and fix issues like #5769

More more info, check the README

Which issue(s) this PR fixes:

There is no issue for this PR. I can create one if needed.

Special notes for your reviewer:

Does this PR introduce a user-facing change?

Added: new kwok cloud provider (check https://github.com/kubernetes/autoscaler/blob/kwok-poc/cluster-autoscaler/cloudprovider/kwok/README.md) for more info

Additional documentation e.g., KEPs (Kubernetes Enhancement Proposals), usage docs, etc.:

[vadasambar]

Here's what it looks like in action

Here's what the new node looks like:

suraj@suraj:~/sandbox/go-sandbox/node-templates$ k get no ng-2-62588 -oyaml
apiVersion: v1
kind: Node
metadata:
  annotations:
    cluster-autoscaler.kwok.nodegroup/name: ng-2
    kubeadm.alpha.kubernetes.io/cri-socket: unix:///run/containerd/containerd.sock
    kwok.x-k8s.io/node: fake
    node.alpha.kubernetes.io/ttl: "0"
    volumes.kubernetes.io/controller-managed-attach-detach: "true"
  creationTimestamp: "2023-06-07T05:15:19Z"
  labels:
    beta.kubernetes.io/arch: amd64
    beta.kubernetes.io/os: linux
    kubernetes.io/arch: amd64
    kubernetes.io/hostname: kind-worker
    kubernetes.io/os: linux
  name: ng-2-62588
  resourceVersion: "111083"
  uid: 7bd7ff54-0e0a-48b3-bccc-9b3e75658850
spec:
  podCIDR: 10.244.1.0/24
  podCIDRs:
  - 10.244.1.0/24
  providerID: kwok:ng-2-62588
status:
  addresses:
  - address: 172.18.0.3
    type: InternalIP
  - address: kind-worker
    type: Hostname
  allocatable:
    cpu: "12"
    ephemeral-storage: 959786032Ki
    hugepages-1Gi: "0"
    hugepages-2Mi: "0"
    memory: 32781516Ki
    pods: "110"
  capacity:
    cpu: "12"
    ephemeral-storage: 959786032Ki
    hugepages-1Gi: "0"
    hugepages-2Mi: "0"
    memory: 32781516Ki
    pods: "110"
  conditions:
  - lastHeartbeatTime: "2023-06-07T05:16:24Z"
    lastTransitionTime: "2023-06-07T05:16:24Z"
    message: kubelet is posting ready status
    reason: KubeletReady
    status: "True"
    type: Ready
  - lastHeartbeatTime: "2023-06-07T05:16:24Z"
    lastTransitionTime: "2023-06-07T05:16:24Z"
    message: kubelet has sufficient memory available
    reason: KubeletHasSufficientMemory
    status: "False"
    type: MemoryPressure
  - lastHeartbeatTime: "2023-06-07T05:16:24Z"
    lastTransitionTime: "2023-06-07T05:16:24Z"
    message: kubelet has no disk pressure
    reason: KubeletHasNoDiskPressure
    status: "False"
    type: DiskPressure
  - lastHeartbeatTime: "2023-06-07T05:16:24Z"
    lastTransitionTime: "2023-06-07T05:16:24Z"
    message: kubelet has sufficient PID available
    reason: KubeletHasSufficientPID
    status: "False"
    type: PIDPressure
  - lastHeartbeatTime: "2023-06-07T05:16:24Z"
    lastTransitionTime: "2023-06-07T05:16:24Z"
    message: RouteController created a route
    reason: RouteCreated
    status: "False"
    type: NetworkUnavailable
  daemonEndpoints:
    kubeletEndpoint:
      Port: 10247
  images:
  - names:
    - registry.k8s.io/etcd:3.5.6-0
    sizeBytes: 102542580
  - names:
    - docker.io/library/import-2023-03-30@sha256:ba097b515c8c40689733c0f19de377e9bf8995964b7d7150c2045f3dfd166657
    - registry.k8s.io/kube-apiserver:v1.26.3
    sizeBytes: 80392681
  - names:
    - docker.io/library/import-2023-03-30@sha256:8dbb345de79d1c44f59a7895da702a5f71997ae72aea056609445c397b0c10dc
    - registry.k8s.io/kube-controller-manager:v1.26.3
    sizeBytes: 68538487
  - names:
    - docker.io/library/import-2023-03-30@sha256:44db4d50a5f9c8efbac0d37ea974d1c0419a5928f90748d3d491a041a00c20b5
    - registry.k8s.io/kube-proxy:v1.26.3
    sizeBytes: 67217404
  - names:
    - docker.io/library/import-2023-03-30@sha256:3dd2337f70af979c7362b5e52bbdfcb3a5fd39c78d94d02145150cd2db86ba39
    - registry.k8s.io/kube-scheduler:v1.26.3
    sizeBytes: 57761399
  - names:
    - docker.io/kindest/kindnetd:v20230330-48f316cd@sha256:c19d6362a6a928139820761475a38c24c0cf84d507b9ddf414a078cf627497af
    - docker.io/kindest/kindnetd@sha256:c19d6362a6a928139820761475a38c24c0cf84d507b9ddf414a078cf627497af
    sizeBytes: 27726335
  - names:
    - docker.io/kindest/local-path-provisioner:v0.0.23-kind.0@sha256:f2d0a02831ff3a03cf51343226670d5060623b43a4cfc4808bd0875b2c4b9501
    sizeBytes: 18664669
  - names:
    - registry.k8s.io/coredns/coredns:v1.9.3
    sizeBytes: 14837849
  - names:
    - docker.io/kindest/local-path-helper:v20230330-48f316cd@sha256:135203f2441f916fb13dad1561d27f60a6f11f50ec288b01a7d2ee9947c36270
    sizeBytes: 3052037
  - names:
    - registry.k8s.io/pause:3.7
    sizeBytes: 311278
  nodeInfo:
    architecture: amd64
    bootID: ff1e4c75-5e08-49d6-b47e-808d9b298720
    containerRuntimeVersion: containerd://1.6.19-46-g941215f49
    kernelVersion: 5.15.0-72-generic
    kubeProxyVersion: v1.26.3
    kubeletVersion: v1.26.3
    machineID: 57c8e586bd8b4b2b80d28d156ce6ef03
    operatingSystem: linux
    osImage: Ubuntu 22.04.2 LTS
    systemUUID: Ubuntu 22.04.2 LTS
  phase: Running

Here's what it looks like in Grafana (this is from a different iteration of the test)

Dashboard is taken as is from https://grafana.com/grafana/dashboards/3831-autoscaler/ with a small change (I have renamed y axis legend for Pod activity panel)

[elmiko]

i'm very curious about the comparisons between kwok and kubemark.

also, why not create this as a gRPC based provider?

as a gRPC provider there won't be any limitations/restrictions based on adding code to this repository.

[qianlei90]

I think this provider makes contributors debug or develop CA locally easier than kubemark, and maybe it's a lightweight choice for CI/CD. This provider can also be a startup or a tutorials for those who want contribute to CA but lack of cloud resources.

[vadasambar]

i'm very curious about the comparisons between kwok and kubemark.

Thanks for the comment :D

I am working on a load test for #5769. I will try to post some data on that tomorrow and link here. I am hoping it shows a more concrete difference between the two of them performance wise. I didn't get time to elaborate more on this. I will try to do that in an upcoming comment. Most of it boils down:

1. I wanted to test issues like CA scale-up delays on clusters with heavy scaling activity #5769 without having to spin up resources in a public cloud provider. kubemark needed 100m CPU per fake node (which would be 1 core per upto 10 nodes). I wanted a more lightweight solution.

   Currently we're running HollowNode with a limit of 0.09 CPU core/pod and 220MB of memory. However, if we also take into account the resources absorbed by default cluster addons and fluentD running on the 'external' cluster, this limit becomes ~0.1 CPU core/pod, thus allowing ~10 HollowNodes to run per core (on an "n1-standard-8" VM node).

   https://github.com/kubernetes/community/blob/master/contributors/devel/sig-scalability/kubemark-guide.md#starting-a-kubemark-cluster

2. Easier testing like @qianlei90 mentioned

3. I found it easier to install and try (feel free to disagree here :))

4. This is a little ambitious but I hope kwok can be used as a dry-run option for different cloud providers

also, why not create this as a gRPC based provider?

as a gRPC provider there won't be any limitations/restrictions based on adding code to this repository.

I wanted to be able to scale-test issues around different cloud providers i.e., 4. Implementing the kwok provider in-tree means we are closer to the actual implementation of our (I think) most-used cloud providers (adding gRPC communication in between would mean an extra delay which is not there in our in-tree cloud providers). I was hoping for something like this:

1. Implement in-tree provider to cover most of the common use-cases
2. Implement kwok provider for clusterapi so that we can provision kwok nodes using clusterapi provider
3. Implement gRPC provider if there is user demand

For 2, Richard from CAPA is already working on it.

[vadasambar]

@elmiko you might be interested in #5769 (comment)

If you check the resource consumption for the kwok-controller* pod, you can create close to 400 nodes in well under 100m of CPU as opposed to kubemark where 100m of CPU per node is recommended.

[vadasambar]

To get kwok-provider-config and kwok-provider-templates ConfigMap

[vadasambar]

For creating and deleting nodes.

[vadasambar]

This is a sample kwok-provider-templates which helps users to get started with the kwok provider immediately (kwok-provider-config is in tune with this configmap).

[vadasambar]

This is not needed for the first release but good to have in the future.

[vadasambar]

@x13n mentioning you since you said you were interested in the PR.
The goal is to get the first release of the kwok provider out so that we can get user feedback. Any sort of review/feedback is welcome. I want to address review/feedback comments in a separate PR (I will create separate issue if needed) unless they block the release.

[vadasambar]

For people present during the kwok provider demo and interested in why scale-up didn't happen in the end. Scale-up didn't happen because I only had two instance-type values in the template nodes but I tried scaling the sample workload to 5 replicas with inter pod-affinity based on instance-type label. That's all!

[vadasambar]

TODOs after demo in the sig meeting:

• squash all the commits into 1
• do another pass through of the PR. I had to delete the pod stuck in Pending state to get into Running state even though node was present to schedule it (seems like an underlying kwok issue?)

[mwielgus]

Why do you need a nodeLister to be passed? Can we pass something more generic instead (client)?

[vadasambar]

Thank you for the comment.

The intention was to pass only what is needed. A caveat however is, cloudprovider implementers would have to change this if they need more than just node lister and possibly touch other cloudprovider's code to make it compatible as well.

My initial implementation was based on informer (which is more generic). We can pass it here. I can make that change. Let me know if you have any differing thoughts.

[vadasambar]

Passing in informers now.

[mwielgus]

/lgtm
/approve

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: mwielgus, vadasambar

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• charts/OWNERS [mwielgus]
• cluster-autoscaler/OWNERS [mwielgus]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment