Fixing the issue where a rapid scale up and scale down can result in a cordoned machine in the cluster.

[r4mek]

What this PR does / why we need it:
This PR contains a fix for the issue where a rapid scale up and scale down can result in a cordoned machine in the cluster.

The case happens when CA scales down a MCD followed quickly with scaling up the same MCD before the MCD controller notices the replica change and start reconciliation. The result is the MCD ending up with the same number of replicas that it started off with, causing the MCD controller not to have any work to do since from it's point of view, the MCD replicas have not changed.
As part of the scale down operation, CA will cordon an underutilised node. This node just remains part of the cluster as MCM makes no further attempt to remove it

Which issue(s) this PR fixes:
Fixes #1085, #1084

Special notes for your reviewer:
There is also a PR raised on gardener/autoscaler which has the changes from the autoscaler and is also required to fix the issue. PR(gardener/autoscaler#401)

Release note:

Fixing an issue where a rapid scale up and scale down can result in a cordoned machine in the cluster.

[gardener-prow]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign elankath for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[r4mek]

/kind bug

[thiyyakat]

Hi @r4mek ! Just a few small suggestions. PTAL. Thanks!

[thiyyakat]

Suggested change

	// This annotation is used so that MCS only deletes the machines for which it has observed change in replicas.:w
	// This annotation is used so that MCS only deletes the machines for which it has observed change in replicas.

[thiyyakat]

You don't need to use "It" in the description.

Suggested change

	It("It should delete the marked machines with no change in machineSet replicas", func() {
	It("should delete the marked machines with no change in machineSet replicas", func() {

[thiyyakat]

Same here. No need to say "It".

[thiyyakat]

Suggested change

	Entry("mark the machines named in TriggerDeletionByMCM annotation for deletion by setting their MachinePriority annotation to 1 and also set the LastReplicaChangeAnnotation on them same as that is passed with the annotation",
	Entry("mark the machines named in TriggerDeletionByMCM annotation for deletion by setting their MachinePriority annotation to 1 and also set their LastReplicaChangeAnnotation to the same value passed with the annotation",

[thiyyakat]

Suggested change

	klog.Errorf("Failed to update MachineDeployment %q with #%d machine names still pending deletion, triggerDeletionAnnotValue=%q", mcd.Name, len(triggerForDeletionMachineNamesWithTS), triggerDeletionAnnotValue)
	klog.Errorf("failed to update MachineDeployment %q with #%d machine names still pending deletion, triggerDeletionAnnotValue=%q", mcd.Name, len(triggerForDeletionMachineNamesWithTS), triggerDeletionAnnotValue)

[thiyyakat]

Could you please add a comment here explaining the change?

[thiyyakat]

The err is not handled. Maybe log the err as a warning here?

[takoverflow]

Please change these logs to not call them stale machines.
Similarly for the below error for the terminate call as well.

[aaronfern]

Add a warning is len(parts) != 2 and continue to the next if this is the case

[aaronfern]

Please parse machineDeletionTS to ensure it is a valid timestamp. if it is not, log it and continue to the next

Also, if annotation is invalid, please add machine to skipTriggerForDeletionMachineNames

[aaronfern]

Add a check to not update LastReplicaChangeAnnotation if already set
Also add a log line is TS is already set and continue

[aaronfern]

Add another function that is called by this one func ComputeMachineTriggerDeletionData(mcd) triggerDeletionData that takes care of computing the machineNames/timestamps and other data necessary for application from the trigger deletionAnnotation.

The struct can be as follows

type triggerDeletionData struct{
	machineNamesWithTS []string
	skipMachineNamesWithTS []string
	machineMarkedDeletionTimes map[string]time.Time (consider map[string]string based on implementation)
}

Also, add another method on this structure to give you annotations that you should add to the machineDeployment. This method can be called latestTriggerDeletionAnnotationValue()

[aaronfern]

Please rename this function to be more accurate to what it is doing

Suggested change

	func (dc *controller) setMachinePriorityAnnotationAndUpdateTriggeredForDeletion(ctx context.Context, mcd *v1alpha1.MachineDeployment) error {
	func (dc *controller) updateMachineAndMachineDeploymentDeletionAnnotations(ctx context.Context, mcd *v1alpha1.MachineDeployment) error {

[aaronfern]

Please change the annotation name to machine.sapcloud.io/last-deployment-replica-change-time-by-scaler
This is to be used on machineDeployments and machineSets only

[aaronfern]

Please add a new annotation to be used on machines. It can be called machine.sapcloud.io/mark-deletion-time

[aaronfern]

Move this to a function. Accept allMachines and machineSet.Annotations[machineutils.LastReplicaChangeAnnotation], and it should return a list of machineNames to delete

[aaronfern]

As part of manageReplicas, please make the following 2 changes

1. Update the sorting function in getMachinesToDelete() to now consider the timestamp set on the mark-for-deletion annotation
2. Do not delete machines inside the machinesWithoutUpdateSuccessfulLabelDiff > 0 block, but rather store all the machined intended to be deleted in a list and delete them later in at the end of the method after also computing stale machines