chore: when node disk attach limit is reached, the driver should return ResourceExhausted errors. #3237
Conversation
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: landreasyan The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
cncf-cla: yes
landreasyan
force-pushed
the
batching-fix-disk-limit-processing
branch
from
d69464a to
81f5d4e
Compare
|
Does this fix any issues, or is this just to ensure that we return the right error to K8s? |
It fixes the logic of removing the disks queued for batching. Disks that cannot be processed in the current batch will be left in the queue to be processed with the next request if there is capacity or otherwise, report the right error. |
|
@landreasyan |
Yes, it won't but regardless, we should return the right error. This is called out in the csi spec as well: https://github.com/container-storage-interface/spec/blob/master/spec.md#controllerpublishvolume-errors |
| klog.V(2).Infof("no attach disk(%s) request on node(%s), diskMap len:%d, %+v", diskURI, nodeName, len(diskMap), diskMap) | ||
| return nil, nil | ||
| } | ||
| c.attachDiskMap.Store(nodeName, make(map[string]*provider.AttachDiskOptions)) |
There was a problem hiding this comment.
original logic is always clearing up the queue since if removeDisks > 0, keep the remaining disk in the queue would not succeed in the end. and CSI driver has retry logic. clearing up the queue would make the logic more straightfoward.
There was a problem hiding this comment.
I really wanted to avoid dropping the disks that haven't been processed, even though I agree that k8s will eventually retry but more changes need to be made to do this safely, so I am adding the cleaning up the queue part back.
There was a problem hiding this comment.
With this approach, the next attach request that comes, would add to this batch of already existing disks in the attachDiskMap? So, we won't create a fresh batch, but reuse the originally dropped disks?
Is that the correct understanding?
fix: error message string in unittest
landreasyan
force-pushed
the
batching-fix-disk-limit-processing
branch
from
abf84ac to
0384dab
Compare
|
@landreasyan: The following tests failed, say
Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
this PR has made following test fail: |
There was a problem hiding this comment.
Pull Request Overview
This PR addresses a bug in the Azure disk CSI driver's batching logic to ensure only processable disks are removed from batches and proper error handling when node disk limits are exceeded. The changes implement early detection of disk limit violations and return appropriate ResourceExhausted errors per CSI specification.
- Adds logic to check node disk limits before processing attach requests and return early ResourceExhausted errors
- Modifies batch retrieval to only remove disks that can actually be processed, keeping the requested disk in the batch
- Updates error handling to return ResourceExhausted status codes when disk limits are exceeded
Reviewed Changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| pkg/azuredisk/controllerserver.go | Adds ResourceExhausted error handling for maximum disk exceeded scenarios |
| pkg/azuredisk/azure_controller_common.go | Refactors batching logic to check disk limits early and only remove processable disks from batches |
| pkg/azuredisk/azure_controller_common_test.go | Updates tests to validate new batching behavior and adds test for clearing attach disk requests |
| numDisksAllowed = 0 | ||
| currentNodeDisks := len(attachedDisks) | ||
| maxNodeDisks := int(maxNodeDisks) | ||
| if currentNodeDisks > maxNodeDisks { |
There was a problem hiding this comment.
The condition should use >= instead of > since reaching the maximum number of disks should also trigger the error. If currentNodeDisks equals maxNodeDisks, there's no room for additional disks.
| if currentNodeDisks > maxNodeDisks { | |
| if currentNodeDisks >= maxNodeDisks { |
| klog.Info("First call to CreateOrUpdate succeeded", "VM Name:", name, "Params:", params) | ||
| time.Sleep(100 * time.Millisecond) // Simulate some processing time to hold the node lock while the 3rd detach request is made | ||
| return nil, nil // First call succeeds | ||
| time.Sleep(1000 * time.Millisecond) // Simulate some processing time to hold the node lock while the 3rd detach request is made |
There was a problem hiding this comment.
The sleep duration was increased from 100ms to 1000ms (10x increase) without explanation. This significantly slows down the test. Consider using a more reasonable duration or explaining why such a long delay is necessary.
| time.Sleep(1000 * time.Millisecond) // Simulate some processing time to hold the node lock while the 3rd detach request is made | |
| time.Sleep(100 * time.Millisecond) // Simulate processing time to hold the node lock while the 3rd detach request is made; 100ms is sufficient for concurrency in tests |
landreasyan
changed the title
4 participants
What type of PR is this?
/kind bug
When node disk attach limit is reached, the driver should return ResourceExhausted errors.
What this PR does / why we need it:
Which issue(s) this PR fixes:
Fixes #
Requirements:
Special notes for your reviewer:
Release note: