Add health-check-monitor

[abansal4032]

The PR contains the health-monitor implementation as a NPD monitor.
This is implemented as a new binary : health-checker, which can be enabled using config/container-runtime-health-checker.json and config/kubelet-health-checker.json to check and repair container runtime and kubelet services respectively.

[k8s-ci-robot]

Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please follow instructions at https://git.k8s.io/community/CLA.md#the-contributor-license-agreement to sign the CLA.

It may take a couple minutes for the CLA signature to be fully registered; after that, please reply here with a new comment and we'll verify. Thanks.

---

• If you've already signed a CLA, it's possible we don't have your GitHub username or you're using a different email address. Check your existing CLA data and verify that your email is set on your git commits.
• If you signed the CLA as a corporation, please sign in with your organization's credentials at https://identity.linuxfoundation.org/projects/cncf to be authorized.
• If you have done the above and are still having issues with the CLA being reported as unsigned, please log a ticket with the Linux Foundation Helpdesk: https://support.linuxfoundation.org/
• Should you encounter any issues with the Linux Foundation Helpdesk, send a message to the backup e-mail support address at: login-issues@jira.linuxfoundation.org

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[k8s-ci-robot]

Welcome @abansal4032!

It looks like this is your first PR to kubernetes/node-problem-detector 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes/node-problem-detector has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

[k8s-ci-robot]

Hi @abansal4032. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[abansal4032]

/assign @Random-Liu

[abansal4032]

/cc @yguo0905

[abansal4032]

/recheck-cla

[wangzhen127]

/ok-to-test

[wangzhen127]

Do we only want events? I think we can just use permanent type here. NPD will send events when setting the condition.

[abansal4032]

Changed this to add a permanent condition here.

[wangzhen127]

Assume kubelet was healthy for a long time. Suddenly, kubelet has some problem. This will wait for 2m (--wait-time) before trying to repair. In health-monitor.sh, it will only wait for 10sec.

It is hard to combine all the use cases for 1) initial wait time, 2) cool down time, and 3) health check timeout. Maybe ok to combine initial wait time and cool down time, but probably need a separate parameter for health check timeout.

[abansal4032]

1. Initial wait time : NPD starts only after API server is up and hence the first invocation of the plugin guarantees kubelet and docker to be up.
2. Cool down time : Changed wait-time to cooldown-time to wait after repair is attempted.
3. Health check timeout : Added a new flag defaulting to 10s.

[wangzhen127]

/cc @wangzhen127

[wangzhen127]

Also add if it is containerd, the crictl path should be non-empty?

[abansal4032]

The path has a default value which is used in case it is empty.

[wangzhen127]

How about if someone explicitly use --crictl-path=""? Would that also be using default value?

[abansal4032]

No, it will use the empty string. I have added a test to detect that. But in general, if that flag is set there is no way of making sure that path exists in the test.

[wangzhen127]

Those are consts, not types?

[abansal4032]

Yeah these are just consts. Since the usage is across packages, this felt like a correct place to have them. Similar pattern is followed here : https://github.com/kubernetes/node-problem-detector/blob/master/pkg/custompluginmonitor/types/types.go#L26

[wangzhen127]

Just one nit

[wangzhen127]

How about if someone explicitly use --crictl-path=""? Would that also be using default value?

[wangzhen127]

/lgtm
/hold

Check with @Random-Liu to see if he wants to take a look (I remember he said he would take a look this week?). Feel free to remove hold if he does not need to review.

[Random-Liu]

Supported components don't have kubelet?

[abansal4032]

Was a typo there. Updated the flags.

[Random-Liu]

Should we return error instead of panic? So that we can return an Unknown status outside.

[abansal4032]

Done.

[Random-Liu]

How is the CRI socket path defined?

[abansal4032]

Added the flag for CRI socket path.

[Random-Liu]

I hope we can make the systemd service name configurable, so that this can be used to support cri-o as well.

Probably:

• Component type: kubelet, docker, cri.
• SystemdService: for kubelet, docker, default to the component name; for cri this is required if EnableRepair is enabled.

And the repair will just restart the systemd service.

[abansal4032]

Restructured the logic to include the suggested changes.

[Random-Liu]

What if the healthCheckFunc function itself stuck? We need a timeout to cancel that.

This is very important, because that is the most frequent way the health check would fail.

[abansal4032]

Included the timeout logic in the healthCheckFunc. Removed the polling in the wrapper function.

[Random-Liu]

Hm, I feel like the status should be reported before the cooldown.

Can we use the systemd service startup time to implement cooldown? If the service hasn't run for 2 min yet, we don't repair it.

For example:
systemctl show docker --property=ActiveEnterTimestamp

[abansal4032]

Done. Since we are attempting the repair only if the component has been up for cool down period, the status report will not wait for cool down period.

[Random-Liu]

Where is the CRI socket path configured? Are we going to assume it is configured on the node?

[abansal4032]

Added a flag to specify this.

[Random-Liu]

LGTM with nits

[Random-Liu]

s/DefaultCricSocketPath/DefaultCriSocketPath

[abansal4032]

Done.

[Random-Liu]

s/SystemService/SystemdService

[abansal4032]

Done.

[Random-Liu]

s/system-service/systemd service.

[abansal4032]

Done.

[Random-Liu]

Update the comment.

[abansal4032]

Done.

[Random-Liu]

1. Can we make the way we use timeout consistent among the 3 functions? Maybe outside function accept HealthCheckerOptions, internal function doesn't accept arguments?
2. What is the relationship between HealthCheckTimeout and CmdTimeout? It is a bit confusing. :P

[abansal4032]

1. Done. Made the kubelet function inline.
2. HealthCheckTimeout is used to timeout actions in health check function. CmdTimeout is the timeout used for all other CLI commands run. For example : getUptime. Kept these two different because we might want to have a longer timeout on health check than other commands.

[Random-Liu]

I know what they are, but it is hard for users to understand when see the flag description.

Do we need to make command timeout configurable? Maybe have a constant value for it? I don't think people will need to tweak it. If they do, we can think about how to name that flag then.

[abansal4032]

Sounds good. Made it a constant and removed from the flags.

[Random-Liu]

TestIsValid

[abansal4032]

Done.

[Random-Liu]

I know what they are, but it is hard for users to understand when see the flag description.

Do we need to make command timeout configurable? Maybe have a constant value for it? I don't think people will need to tweak it. If they do, we can think about how to name that flag then.

[abansal4032]

/retest

[abansal4032]

/retest

[Random-Liu]

/lgtm
/approve

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: abansal4032, Random-Liu, wangzhen127

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [Random-Liu,wangzhen127]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment