KEP-5526: Pod Level Resource Managers 1.36

[KevinTMtz]

This KEP change does not modify the original proposed behavior, only adds some specifics that surfaced during the implementation of the feature.

The most significant additions are a new property to the CPU and Memory managers state to keep track of the pod level exclusive resource allocation (requires PRR review perspective) and the introduction of a new term ResourceIsolationLevel that describes if the container resources belong to the container, the pod or the node (currently only used by the CPU manager to handle CPU quota enablement/disablement).

• One-line PR description: Pod Level Resource Managers update to mainly add implementation specifics

• Issue link: Pod Level Resource Managers #5526

• Other comments:
  • [PodLevelResourceManagers] Pod Level Resource Managers - Alpha kubernetes#134768
  • KEP-5526: Pod Level Resource Managers #5527

[KevinTMtz]

cc @pravk03 @swatisehgal

Added a glossary with the terms that may cause some confusion, refer to previous comments in original PR:

• KEP-5526: Pod Level Resource Managers #5527 (comment)
• KEP-5526: Pod Level Resource Managers #5527 (comment)

[KevinTMtz]

/assign @ndixita

[KevinTMtz]

/assign @ffromani

[KevinTMtz]

/assign @pravk03

[KevinTMtz]

/assign @swatisehgal

[ndixita]

Are the container resources also released back to pod's shared pool?

[KevinTMtz]

No, because of the static behavior of the CPU and Memory managers, the podSharedPool remains the same until the pod termination. Rewrote that section to be more clear about it.

[ffromani]

This behavior as written looks reasonnable for alpha. If ever becomes undesirable, we would need a clear use case to think about further changes.

[dchen1107]

+1 to keep the simplicity for alpha.

[jpbetz]

PRR looks good for alpha. The PRR approval is already codified by the approval last release (https://github.com/KevinTMtz/enhancements/blob/pod-level-resource-managers-1-36/keps/prod-readiness/sig-node/5526.yaml) so no other approval steps are required for PRR.

[ffromani]

The KEP changes looks reasonnable and match our conversation in the PR.
The only point worth doubleclicking is the state file changes and the backward/forward upgrade and rollback flows.
While what we have is a good start, I'd like to make sure we are on par with the existing quality standards, and if there are cheap and reasonnable ways to improve. For example: is it time (and is it worth?) to finally begin adding an explicit version, using a field, encoded in the filename, or both, to the checkpoint file?

I'll think about it keeping practicality in mind - it will be very unfair to charge these improvements to this KEP, unless they are very cheap like wrapping new fields in a struct like we already did. I'll pause reviews momentarily to let other reviewers chime in.

[ffromani]

This behavior as written looks reasonnable for alpha. If ever becomes undesirable, we would need a clear use case to think about further changes.

[ffromani]

yes. Is meant to be forward compatible. The deserialization code in older kubelets will just ignore unknown fields in the struct.

[ffromani]

IIRC we decided to keep this concept internal to the kubelet (which is fine). Just add a note this is an internal concept and not part of the user-facing API.

[KevinTMtz]

Added note, thank you.

[ffromani]

LGTM. Need another pass to make sure I'm not neglecting anything, because memory manager is the lesser active resource manager so details fade quickly.

[ffromani]

We discussed a more compatible approach with multiple checkpoints, but that made the code much more complex without obvious compatibility gains. Looking at the big picture, this seems the sweet spot of simplicity and robustness.

[ffromani]

this is easy and cheap, should be no bother.

[ndixita]

nit: We could add that sidecar containers won't yield the resources as they are intended to run for the entire duration of pod's life

[KevinTMtz]

Done, reworded to be more clear about it.

[ndixita]

lgtm for partitioning logic, and overall design.

Pending items to review from my end: CPU Quota management section, and PRR questionnaire, to be done by EOD

[ndixita]

Took another pass and lgtm!

In a follow up PR, let's add:

1. A small note about topology manager in-memory state being cleared when a container is removed.
2. Although this KEP isn't about supporting PLR + IPPR, for Beta we will need an e2e that covers cases for pods resizes on node with resource managers enabled. Let's please add this as a todo for Beta.

[ffromani]

/lgtm

My comments have been addresses, the KEP is in good shape and I don't have any low hanging fruits for improvements.

[EDIT] I still want to deep dive into memory manager fine details, but there are no red (or yellow) flags in the changes here so I prefer to move forward.

[ffromani]

1. A small note about topology manager in-memory state being cleared when a container is removed.

regarding this point, research in github history and in the KEP has been inconclusive so far. The most credible theory, stemming from
kubernetes/kubernetes#74357 , is that the lifecycle hooks where wired following the template of cpumanager. Note that cpumanager was later removed from that hook to prevent exclusive CPU loss on container restart (issue link pending). Therefore, there is a fair chance we keep the affinity setting in the topology manager in-memory state longer than necessary.

I'd welcome further investigation in this area but we need some more hard data.

[KevinTMtz]

Took another pass and lgtm!

In a follow up PR, let's add:

1. A small note about topology manager in-memory state being cleared when a container is removed.
2. Although this KEP isn't about supporting PLR + IPPR, for Beta we will need an e2e that covers cases for pods resizes on node with resource managers enabled. Let's please add this as a todo for Beta.

For context, the "1. A small note about topology manager in-memory state being cleared when a container is removed." is relevant because of this discussion kubernetes/kubernetes#134345 (comment) from RestartAllContainers.

[KevinTMtz]

Amended the commit with the required updates to kep.yaml, no new changes to the KEP README.md file.

[ffromani]

/lgtm

Amended the commit with the required updates to kep.yaml, no new changes to the KEP README.md file.

Confirmed by inter-diff

[dchen1107]

+1 on podSharedPool. This allows us to treat a Pod as a single NUMA unit while allowing internal flexibility, meanwhile we still maintains backward compatibility at container level.

@pravk03 for vis.

[dchen1107]

Can you help me understand the difference between this category (pod is set, and container is set) with the above one (pod is unset, and container is set) when topology-manager-scope is set to container?

[KevinTMtz]

When only container-level resources are used (pod is unset, and container is set) and it is wanted to obtain exclusive resources, all the containers must have a guaranteed QoS, thus requiring each one of them to have an equal request and limit. In summary, it is an all or nothing situation, all containers receive exclusive resources, or none of them.

When pod-level resources are used (pod is set, and container is set), there is no longer an obligation to obtain Guaranteed QoS for each container, only for the overall pod, but it still requires the containers that you need to have exclusive resources to be Guaranteed. To put an example, it enables a hybrid model where you can have a pod with Guaranteed QoS determined by its pod-level resources, and three containers (one of them has a Guaranteed QoS), so only the Guaranteed container will obtain exclusive resources, while the non-Guaranteed containers will access the shared node resources constrained by the pod-level limit.

[dchen1107]

Thanks for the detailed explanation. It makes sense to me, but can you add an example below to reflect this difference?

[dchen1107]

This is by design, but please ensure a logging message for a warning to the users.

[ndixita]

This log message change would be a part of PLR implementation then @KevinTMtz. We can submit that as a follow up PR change as that wouldn't affect this KEP in particular.

[dchen1107]

In this case, shouldn't we have a pod resource underutilization issue? Since standard Init Containers are running sequentially, and also before any restarable sidecar container, can we change the logic by allowing them to burst to the entire pod?

[KevinTMtz]

Guaranteed init containers get the corresponding exclusive resources to their request and limit.

Non-guaranteed init containers are granted access to the entire pod-level resource budget minus any resources exclusively allocated to Guaranteed sidecars running at that time. So yes, they are able to burst to whatever is not exclusively allocated in the pod.

[dchen1107]

My point is once pod level resource is set, can we allow those standard init containers burst to entire pod resource and ignore its own resource request and limit since they are running sequentially anyway.

[KevinTMtz]

That behavior can be obtained if no request and limit is specified for init containers. I think it is better to keep consistency and respect the expected behavior of the container-level limit that the user has, and if the user wants the container to burst with available resources on the pod, the pod shared pool will take care of that if no container-level limit is specified.

[dchen1107]

sgtm. Let's document the best practice for this.

[dchen1107]

What about ephemeral container(s)? Today ephemeral containers borrow the node / pod resource, can we explicitly document this? With topology-manager-scope being introduced, should we allow it use pod shared resource or ...?

[KevinTMtz]

Ephemeral containers are not offered any alignment or exclusive allocation by the resource managers, since they lack any guarantees for resources or execution. I think it is better to keep them separate as they currently are, and not receive any special handling. Do you have any specific concerns about ephemeral containers and resource managers?

[dchen1107]

No, I don't have much concerns. Just want us to document it clearly in design and the user doc.

[ndixita]

@dchen1107 thanks for bringing this up. I have a few questions now which I missed earlier.

Consider a case: A pod with PLR set, has 1 guaranteed containers and 2 non-guaranteed containers.

Pod-level limit = 4 CPUs
container 1 limit = 2 CPUs
container 2 & 3 can share the other 2 CPUs from the pod shared pool and will have the corresponding cpuset set. If the pod is using all 4 CPUs, there's no way to inject an ephemeral container to such a pod. And there's no way to add enough buffer to the pod-level limit here to accommodate the ephemeral container under pod-level limits.

[dchen1107]

Yes, I asked Kevin a follow up PR for ephemeral containers and other small changes. We just need to make decision where to borrow resource for the ephemeral container, pod shared pool? If no shared, can borrow from the first container? Or the container being debugged?

[dchen1107]

AFAIK today's K8s roll back feature still requires node drain as the best practice. In this case I don't have much concern for alpha. Let's re-consider this in beta.

[dchen1107]

/lgtm
/approve

Please send me the followup PR based on the comments later.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dchen1107, KevinTMtz

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• keps/sig-node/5526-pod-level-resource-managers/OWNERS [dchen1107]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[esotsal]

/cc

Interesting KEP with good discussion, looking forward for the implementation.