Support addon Deployments, make heapster a deployment with a nanny.

[Q-Lee]

1. Heapster uses a deployment here.
2. Changed kube-addon-update.sh to include deployments (this seems like a transitional change while we're moving all addons to deployments).
3. Adding a nanny to resize heapster with the number of nodes.

[k8s-github-robot]

Labelling this PR as size/L

[k8s-bot]

GCE e2e build/test failed for commit 5a3c51892cf210760ba4cbbc40d821e5e7c97b82.

• Build Log
• Test Artifacts
• Internal Jenkins Results

Please reference the list of currently known flakes when examining this failure. If you request a re-test, you must reference the issue describing the flake.

[davidopp]

Is this for 1.2?

cc/ @bgrant0607 @mikedanese

[bgrant0607]

No, this can't go into 1.2. That ship has sailed.

[bgrant0607]

Ref #7459, #9467

[Q-Lee]

We're aiming for 1.2.1. Adding zml@ for context on kube-addon-update.sh.
cc @zmerlynn

[mikedanese]

Comment bellow this:

We don't expect names to be versioned for the following kinds

I would expect this to be true for deployments as well.

[Q-Lee]

@bgrant0607 Is there anything in particular I need to consider for cluster upgrades if heapster is becoming a deployment?

[k8s-bot]

GCE e2e build/test failed for commit 82682f5d993c99f33e4d104675fbbb9cb864e1a2.

• Build Log
• Test Artifacts
• Internal Jenkins Results

Please reference the list of currently known flakes when examining this failure. If you request a re-test, you must reference the issue describing the flake.

[bgrant0607]

What's going to kill off the old RCs?

cc @fgrzadkowski @vishh

[bgrant0607]

If you just specify limits, request should be set from limits.

[vishh]

#18216 added requests to all addons.

[mikedanese]

One of the config best practices is:

Don’t specify default values unnecessarily, in order to simplify and minimize configs, and to reduce error.

I don't really understand the argument behind #18216 but it seems to violate that best practice.

[Q-Lee]

Then why don't we do this for other singletons (e.g., heapster itself)?

[mikedanese]

Because of #18216. Can you explain why this is important @gmarek? Here's the defaulting code https://github.com/kubernetes/kubernetes/blob/master/pkg/api/v1/defaults.go#L99-L116

[gmarek]

When we were designing QoS we decided to have this defaulting as a backward compatibility feature. I didn't had impression that it's there to stay forever, so I think we should have requests explicit. Generally all those QoS stuff is really confusing as it is today. @piosz

[Q-Lee]

Interesting: I didn't know about that default behavior. It actually conflicts with the addon-resizer, which explicitly sets requests=limits to keep its dependents in the guaranteed class. The addon-resizer also performs an update on any qualitative difference (e.g., requests being expected but not found). This would manifest as a single deployment update at startup.

It feels weird to add a flag to disregard requests, but we'll need to if we want to utilize this default behavior. But since literally all of our addons specify both requests and limits, why don't I cut an issue for 1.3 to rectify both the pod_nanny and all of our addon yamls with best practices?

[mikedanese]

SGTM

[gmarek]

This is another proof that the current state is confusing. We should work on that at some point.

[Q-Lee]

Opened #23229

[bgrant0607]

cc @janetkuo @pwittrock

[bgrant0607]

Since this only has 1 replica, you might consider the Recreate update policy. The default is RollingUpdate.

[Q-Lee]

Interesting idea. The code for the container in question lives in contrib/addon-resizer, where that would be an easy (1-line) change. I'll definitely consider it.

[fgrzadkowski]

@Q-Lee Please cc people who owns a particular feature/component if you change its configuration etc. @mwielgus @piosz

[fgrzadkowski]

@mwielgus Please verify these values based on your perf tests. AFAIR we need more than 100m cpu in large clusters and 4MB of memory for each node.

[Q-Lee]

The 1.2 cut gives 4MB per node, but leaves CPU at 100m. I've changed this to use the same per-node value as static sizing.

[mwielgus]

On 1000 node cluster we are using 50 millis on average with occasional spikes to 500 (every minute for a couple seconds).

[Q-Lee]

Where is this define?

[Q-Lee]

@fgrzadkowski how do I know which person/people own a particular configuration file?

[Q-Lee]

"What's going to kill off the old RCs?"

Ideally I would think the addon-update system should delete the old replication controller when its configuration is no longer found. Thoughts?

@bgrant0607 @fgrzadkowski @vishh

[k8s-bot]

GCE e2e build/test failed for commit 1c794555072a5ddd5ef3a26fc5970e6f04ec1c26.

• Build Log
• Test Artifacts
• Internal Jenkins Results

Please reference the list of currently known flakes when examining this failure. If you request a re-test, you must reference the issue describing the flake.

[vishh]

@Q-Lee:
+1 for #22893 (comment)

[k8s-bot]

GCE e2e build/test passed for commit 726bbc4bfce110601fc17bf568386e413b4bd3de.

• Build Log
• Test Artifacts
• Internal Jenkins Results

[k8s-github-robot]

PR changed after LGTM, removing LGTM.

[k8s-bot]

GCE e2e build/test passed for commit 81ba98a.

• Build Log
• Test Artifacts
• Internal Jenkins Results

[fgrzadkowski]

How is this going to update Deployments? AFAIU name for an object will not change, so how addon-updater will realise it has to do an update? Has this been tested?

[fgrzadkowski]

@piosz

[piosz]

ping @Q-Lee
Are you sure this won't broke addons update procedure?

[k8s-cherrypick-bot]

Removing label cherrypick-candidate because no release milestone was set. This is an invalid state and thus this PR is not being considered for cherry-pick to any release branch. Please add an appropriate release milestone and then re-add the label.

[k8s-cherrypick-bot]

Commit found in the "release-1.2" branch appears to be this PR. Removing the "cherrypick-candidate" label. If this is an error find help to get your PR picked.

[andyzheng0831]

@Q-Lee as I said in #23434 (comment), "Please notify me when you decide to cherry pick." Your change broke us in master branch and I fixed that. Now it was cherry picked in release-1.2 without telling us, so it breaks us again. Thanks to our Jenkins for catching the breakage. Hopefully I will still have time to cherry pick my fix into release-1.2 before 1.2.2 is cut.