[jira] [Commented] (YUNIKORN-941) split scheduler and admission controller deployment

Fri, 10 Dec 2021 02:27:25 -0800 


    [ 
https://issues.apache.org/jira/browse/YUNIKORN-941?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17457031#comment-17457031
 ] 

Peter Bacsko commented on YUNIKORN-941:
---------------------------------------

[~wwei] as Kinga explained, she ran into some unexpected issues regarding 
secrets. This is what happens when k8s wants to start the adm. controller:

{noformat}
Events:
  Type     Reason       Age                  From               Message
  ----     ------       ----                 ----               -------
  Normal   Scheduled    5m4s                 default-scheduler  Successfully 
assigned yunikorn/yunikorn-admission-controller-5c46b58647-spxwk to yk8s-worker
  Warning  FailedMount  3m1s                 kubelet            Unable to 
attach or mount volumes: unmounted volumes=[webhook-tls-certs], unattached 
volumes=[kube-api-access-55zht webhook-tls-certs]: timed out waiting for the 
condition
  Warning  FailedMount  54s (x10 over 5m4s)  kubelet            
MountVolume.SetUp failed for volume "webhook-tls-certs" : secret 
"webhook-server-tls" not found
  Warning  FailedMount  47s                  kubelet            Unable to 
attach or mount volumes: unmounted volumes=[webhook-tls-certs], unattached 
volumes=[webhook-tls-certs kube-api-access-55zht]: timed out waiting for the 
condition
{noformat}

This is from 
https://github.com/apache/incubator-yunikorn-k8shim/runs/4440291100?check_suite_focus=true

We can no longer create the secrets in the {{postStart}} / {{exec}} section. 
See Kinga's comment 
[above|https://issues.apache.org/jira/browse/YUNIKORN-941?focusedCommentId=17455091&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-17455091].

> split scheduler and admission controller deployment
> ---------------------------------------------------
>
>                 Key: YUNIKORN-941
>                 URL: https://issues.apache.org/jira/browse/YUNIKORN-941
>             Project: Apache YuniKorn
>          Issue Type: Improvement
>          Components: shim - kubernetes
>            Reporter: Kinga Marton
>            Assignee: Peter Bacsko
>            Priority: Blocker
>              Labels: pull-request-available
>         Attachments: logs_322.zip
>
>
> To support proper YuniKorn upgrades and restarts we should move the admission 
> controller out of the scheduler deployment and make it a separate deployment.
> This could also allow the admission controller to be made high available and 
> allow simpler no down time upgrades possible. 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to