-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
KEDA should check whether scale target is already managed by another ScaledObject #3755
Comments
Nice idea! |
As a start, an error while creating the new ScaledObject is enough imho. |
BTW, this is duplicated I think #3087 |
I think you can implement this using GateKeeper policy if you would like to |
We prefer to manage it internally better than using a 3rd party software. Something like checking it during the HPA creation or an admission hook. |
I actually want to contribute but I think I prefer to contribute in areas that I am more familiar with 😄 |
makes sense totally, don't worry :) |
I have been thinking about this, and I guess that an admission controller is the best option, because the person who deploys the SO could not be the person with access to KEDA logs. In companies with SRE teams managing the clusters, developers maybe don't have access to KEDA logs because it's in other namespace and they don't have access to check the logs. With an admission hook, we can give the feedback to those users during the deployment process. If we agree with the admission hook, I'm open to do a PoC to check it |
+1 Admissions controller inside this repo is the best approach imho. We can then extend this with another checks (find out whether there is HPA targeting the same resource) and we can also move some validation from the controller to admission controller. |
Given we already have a discussion on #3087 and this is a duplicate, can we merge the conversation please? |
As per the issues on https://github.com/kedacore/keda/issues?q=is%3Aopen+label%3Aprevention+sort%3Aupdated-desc, I believe that blocking creation is the only user-friendly way as error logs will not be consumed indeed. The resource should be prevented from being created. @JorTurFer I see you started working on this; would you mind making sure that the approach is extensible so that the other scenarios can be easily added in the future please? As per #3087 we discussed to make it configurable and make it an opt-in. However, I think we can make it an opt-out instead as this would reduce the support cases given the nature of using multiple SOs and how of an anti-pattern that is. |
Exactly, the webhooks' server logs the error, but the k8s api blocks the resource creation with a clear message like:
I thought in this and that's why I split the admission hook in other (the 3rd) deployment instead of including it in the operator. We will have the webhooks' server and we can include all new validating (or mutating) webhooks in the future, just adding the new code and registering them in the cluster, but without any "major change" as now.
Using |
Sounds good to me, thanks. For Helm, I would make it on by default though since it has it's own cycle and they can just turn it off when need be. |
I have question regarding the implementation. In real production environment the amount of hpas and scaledobjects can get up to thousands of objects. |
Would you mind moving this to the PR to keep the conversation close to that please? |
Just to be sure; are we effectively checking this today or was it closed by accident? (I think it's fine but just checking) |
It was closed automatically because the feature is fully implemented. |
hi, |
Yes, there is 😄 In fact, Kubernetes (1.26) has added a check in HPA Controller that disables the autoscaling if the HPA detects multiple deployments (based on labels). I mean, even if we'd remove the validation, it'll fail in k8s >= 1.26 because the HPA Controller disables the HPA Could you share your user case more detailed? Maybe there is other option to address it |
sure, gladly |
I'm quite sure that both ScaledObjects requires the same replicas or you should see the workload flapping between the required replicas for ScaledObject A and the required replicas for ScaledObject B. |
Yeah, they are having the same number of target replicas. I forgot to
mention one thing -
The downscaling object has upscale disabled and vice versa.
…On Wed, Jul 19, 2023, 7:36 PM Jorge Turrado Ferrero < ***@***.***> wrote:
I'm quite sure that both ScaledObjects requires the same replicas or you
should see the workload flapping between the required replicas for
ScaledObject A and the required replicas for ScaledObject B.
Could you share them? Maybe I'm missing something 🤔
—
Reply to this email directly, view it on GitHub
<#3755 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ALNTT466VYL5F3HJJIF77H3XRAEKXANCNFSM6AAAAAARHCFPVM>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
You're right, I was missing something xD I don't think that we should remove the validation if the upstream doesn't roll back that feature. |
But if you specify a threshold and minReplicas you should be good. If for example your threshold is 10 and you minReplicas is 4 then if the threshold is not met then it will scaleDown to minimum 4 replicas but if the threshold is met than it will upload more pods. You can use same scaledObject for both upward and downward |
The problem is that there is a chance that there is a connection on the 5th
server and scaling down to 4 will disconnect the user.
Sure, you shouldn't remove the check, especially cause k8s no longer
supports it. I'll work around the Prometheus query, maybe something can be
done there.
Thanks for your prompt reply :)
…On Wed, Jul 19, 2023, 8:47 PM yuval weber ***@***.***> wrote:
But if you specify a threshold and minReplicas you should be good.
If for example your threshold is 10 and you minReplicas is 4 then if the
threshold is not met then it will scaleDown to minimum 4 replicas but if
the threshold is met than it will upload more pods.
You can use same scaledObject for both upward and downward
—
Reply to this email directly, view it on GitHub
<#3755 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/ALNTT47VNHTMKUENRBPFLSDXRAMTBANCNFSM6AAAAAARHCFPVM>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
If the connections of the users are not super long then you can add a preStop hook to the pod which will maybe wait for termination or will terminate the connection gracefully. If you want you can provide a bit more details regarding your use-case and we will try to help |
Even if HPA would support it, I don't think having multiple autoscaling definitions tell 1 app to scale is a good idea. |
I know but there are some things I would do differently. Cause maybe to cpu I want to bring 2 more pods at a time but for memory I want to bring 4 pods at a time |
I think that here is where KEDA could try to extend the HPA for bringing that capabilities somehow and where KEDA can add value. I mean, KEDA is who is exposing the metrics to the HPA Controller and who manages the HPA, nothing blocks that KEDA modifies the HPA based on some conditions and modify the exposed values. I mean, IMO that's a good idea and it's something that we can try to address in KEDA side, more than going against the upstream with multiple HPAs. In fact, didn't we created an issue for adding dynamic scaling rules @tomkerkhove ? |
Yes - #2614 |
Proposal
When a new ScaledObject is reconciled by Operator, it should be checked whether the scale target referenced by the new ScaledObject is being already managed by another ScaledObject, if so an error should be raised.
Use-Case
No response
Anything else?
No response
The text was updated successfully, but these errors were encountered: