Add first version of node-problem-detector

Author: Random-Liu

Dockerfile

@@ -0,0 +1,17 @@
+# Copyright 2016 The Kubernetes Authors All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+FROM alpine:3.1
+MAINTAINER Random Liu <[email protected]>
+ADD node-problem-detector /node-problem-detector

Makefile

@@ -0,0 +1,19 @@
+all: push
+
+# See pod.yaml for the version currently running-- bump this ahead before rebuilding!
+TAG = 0.1
+
+# TODO(random-liu): Change the project to google_containers.
+PROJ = google.com/noogler-kubernetes
+
+node-problem-detector: node_problem_detector.go
+	CGO_ENABLED=0 GOOS=linux godep go build -a -installsuffix cgo -ldflags '-w' -o node-problem-detector
+
+container: node-problem-detector
+	docker build -t gcr.io/$(PROJ)/node-problem-detector:$(TAG) .
+
+push: container
+	gcloud docker push gcr.io/$(PROJ)/node-problem-detector:$(TAG)
+
+clean:
+	rm -f node-problem-detector

config/kernel-monitor.json

@@ -0,0 +1,31 @@
+{
+	"logPath": "/log/kern.log",
+	"bufferSize": 50,
+	"rules": [
+		{
+			"type": "temporary",
+			"reason": "OOMKilling",
+			"pattern": "Kill process \\d+ (.+) score \\d+ or sacrifice child\\nKilled process \\d+ (.+) total-vm:\\d+kB, anon-rss:\\d+kB, file-rss:\\d+kB"
+		},
+		{
+			"type": "temporary",
+			"reason": "TaskHung",
+			"pattern": "task \\S+:\\w+ blocked for more than \\w+ seconds\\."
+		},
+		{
+			"type": "permanent",
+			"reason": "AUFSUmountHung",
+			"pattern": "task umount\\.aufs:\\w+ blocked for more than \\w+ seconds\\."
+		},
+		{
+			"type": "permanent",
+			"reason": "DockerHung",
+			"pattern": "task docker:\\w+ blocked for more than \\w+ seconds\\."
+		},
+		{
+			"type": "permanent",
+			"reason": "KernelBug",
+			"pattern": "unregister_netdevice: waiting for \\w+ to become free. Usage count = \\d+"
+		}
+	]
+}

demo/au_opts_verify

@@ -0,0 +1 @@
+aufs au_opts_verify:1570:docker[0000]: dirperm1 breaks the protection by the permission bits on the lower branch

demo/aufs_umount_hung

@@ -0,0 +1,19 @@
+INFO: task umount.aufs:21568 blocked for more than 120 seconds.
+      Tainted: G         C    3.16.0-4-amd64 #1
+"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
+umount.aufs     D ffff8802111a9848     0 21568  21567 0x00000000
+ ffff8802111a93f0 0000000000000086 0000000000012f00 ffff8800baa0ffd8
+ 0000000000012f00 ffff8802111a93f0 ffff8802111a93f0 ffff8800baa0fdd8
+ ffff8802149ef038 ffff8802149ef020 ffffffff00000000 ffff8802149ef028
+Call Trace:
+ [<ffffffff81512d45>] ? rwsem_down_write_failed+0x1d5/0x320
+ [<ffffffff812b7d13>] ? call_rwsem_down_write_failed+0x13/0x20
+ [<ffffffff815126b9>] ? down_write+0x29/0x40
+ [<ffffffffa03556b1>] ? si_write_lock+0x31/0x110 [aufs]
+ [<ffffffff811b83ca>] ? do_filp_open+0x3a/0x90
+ [<ffffffffa0374e50>] ? au_plink_maint_enter+0x20/0xd0 [aufs]
+ [<ffffffffa037473d>] ? au_procfs_plm_write+0x13d/0x200 [aufs]
+ [<ffffffff81207069>] ? proc_reg_write+0x39/0x70
+ [<ffffffff811a8562>] ? vfs_write+0xb2/0x1f0
+ [<ffffffff811a90a2>] ? SyS_write+0x42/0xa0
+ [<ffffffff81513d0d>] ? system_call_fast_compare_end+0x10/0x15

demo/demo

@@ -0,0 +1,81 @@
+#!/bin/bash
+
+ZONE=us-central1-b
+KERNLOG=/var/log/kern.log
+
+usage () {
+  echo "Usage : `basename $0` COMMAND [arg...]
+  Commands:
+  create: create node problem detector daemon.
+  nodes: describe all nodes or specific node.
+  pods: describe all pods or specific pod.
+  inject: inject error kernel log into specific node.
+  reboot: generate a fake reboot log on specific node.
+  delete: delete node problem detector daemon."
+  exit
+}
+
+runCmd() {
+  echo $1
+  eval $1
+}
+
+rebootAll() {
+  TEMP=`mktemp`
+  kubectl get nodes | awk 'NR>1{print $1}' > $TEMP
+  while read -r node; do
+    reboot $node
+  done < $TEMP
+  rm $TEMP
+}
+
+reboot() {
+  LATEST=`gcloud compute ssh -n root@$1 --zone=$ZONE "tail -1 $KERNLOG"`
+  PREFIX=`echo $LATEST | cut -d "[" -f 1 -`"[0.000000]"
+  runCmd "gcloud compute ssh -n root@$1 --zone=$ZONE \"echo '$PREFIX reboot' >> $KERNLOG\""
+}
+
+case $1 in
+  create )
+    runCmd "kubectl create configmap node-problem-detector-config --from-file=../config/"
+    runCmd "kubectl create -f ../node-problem-detector.yaml --validate=false"
+    ;;
+  nodes )
+    runCmd "kubectl describe nodes $2"
+    ;;
+  pods )
+    runCmd "kubectl describe pods $2"
+    ;;
+  inject )
+    if [ -z $3 ]; then
+      usage
+      exit 1
+    fi
+    NODE=$3
+    LATEST=`gcloud compute ssh root@$NODE --zone=$ZONE "tail -1 $KERNLOG"`
+    PREFIX=`echo $LATEST | cut -d "]" -f 1 -`"]"
+    PREFIX=`printf "%q" "$PREFIX"`
+    COMMAND=
+    while read error
+    do
+      ERROR=`printf "%q" "$error"`
+      COMMAND=$COMMAND"echo $PREFIX $ERROR >> $KERNLOG; "
+    done < $2
+    runCmd "gcloud compute ssh root@$NODE --zone=$ZONE '$COMMAND'"
+    ;;
+  reboot )
+    if [ -z $2 ]; then
+      usage
+      exit 1
+    fi
+    reboot $2
+    ;; 
+  delete )
+    runCmd "kubectl delete -f ../node-problem-detector.yaml"
+    runCmd "kubectl delete configmap node-problem-detector-config"
+    ;;
+  * )
+    usage
+    exit 1
+    ;;
+esac

demo/docker_hung

@@ -0,0 +1,19 @@
+INFO: task docker:20744 blocked for more than 120 seconds.
+      Tainted: G         C    3.16.0-4-amd64 #1
+"echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
+docker          D ffff8801a8f2b078     0 20744      1 0x00000000
+ ffff8801a8f2ac20 0000000000000082 0000000000012f00 ffff880057a17fd8
+ 0000000000012f00 ffff8801a8f2ac20 ffffffff818bb4a0 ffff880057a17d80
+ ffffffff818bb4a4 ffff8801a8f2ac20 00000000ffffffff ffffffff818bb4a8
+Call Trace:
+ [<ffffffff81510915>] ? schedule_preempt_disabled+0x25/0x70
+ [<ffffffff815123c3>] ? __mutex_lock_slowpath+0xd3/0x1c0
+ [<ffffffff815124cb>] ? mutex_lock+0x1b/0x2a
+ [<ffffffff814175bc>] ? copy_net_ns+0x6c/0x130
+ [<ffffffff8108bdf4>] ? create_new_namespaces+0xf4/0x180
+ [<ffffffff8108beec>] ? copy_namespaces+0x6c/0x90
+ [<ffffffff810654f6>] ? copy_process.part.25+0x966/0x1c30
+ [<ffffffff81066991>] ? do_fork+0xe1/0x390
+ [<ffffffff811c442c>] ? __alloc_fd+0x7c/0x120
+ [<ffffffff81514079>] ? stub_clone+0x69/0x90
+ [<ffffffff81513d0d>] ? system_call_fast_compare_end+0x10/0x15

demo/oom_kill

@@ -0,0 +1,2 @@
+Memory cgroup out of memory: Kill process 1012 (heapster) score 1035 or sacrifice child
+Killed process 1012 (heapster) total-vm:327128kB, anon-rss:306328kB, file-rss:11132kB

demo/unregister_netdevice

@@ -0,0 +1 @@
+unregister_netdevice: waiting for lo to become free. Usage count = 1

node-problem-detector.yaml

@@ -0,0 +1,40 @@
+apiVersion: extensions/v1beta1
+kind: DaemonSet
+metadata:
+  name: node-problem-detector
+spec:
+  template:
+    metadata:
+      labels:
+        app: node-problem-detector
+    spec:
+      hostNetwork: true
+      containers:
+      - name: node-problem-detector
+        command:
+        - /node-problem-detector
+        - --kernel-monitor=/config/kernel-monitor.json
+        image: gcr.io/google.com/noogler-kubernetes/node-problem-detector:0.1
+        imagePullPolicy: Always
+        env:
+        # Config the host ip and port of apiserver.
+        - name: "KUBERNETES_SERVICE_HOST"
+          value: "e2e-test-lantaol-master"
+        - name: "KUBERNETES_SERVICE_PORT"
+          value: "443"
+        securityContext:
+          privileged: true
+        volumeMounts:
+        - name: log
+          mountPath: /log
+          readOnly: true
+        - name: config
+          mountPath: /config
+          readOnly: true
+      volumes:
+      - name: log
+        hostPath:
+          path: /var/log/
+      - name: config
+        configMap:
+          name: node-problem-detector-config