Make EBS controllerexpansion idempotent

[gnufied]

Fixes #498

This PR contains following fixes:

• When describeVolume returns volume size to be greater than requested size, we also verify if volume has any modifications pending. I have observed that, AWS can set targetSize on volume even with pending volume modifications. This is the root cause of EBS resize flake.
• When volume modifications check return volume resizing to be completed, we also verify volume size by describing volume. This is to ensure that - we minimize impact of eventual consistency by making two different API calls.

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: gnufied

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [gnufied]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[coveralls]

Pull Request Test Coverage Report for Build 1219

• 44 of 60 (73.33%) changed or added relevant lines in 1 file are covered.
• 48 unchanged lines in 3 files lost coverage.
• Overall coverage increased (+0.3%) to 80.27%

---

Changes Missing Coverage	Covered Lines	Changed/Added Lines	%
pkg/cloud/cloud.go	44	60	73.33%

Files with Coverage Reduction	New Missed Lines	%
pkg/cloud/cloud.go	2	79.18%
pkg/util/util.go	4	89.74%
pkg/driver/controller.go	42	88.94%

Totals
Change from base Build 1209:	0.3%
Covered Lines:	1489
Relevant Lines:	1855

---

💛 - Coveralls

[gnufied]

/retest

[gnufied]

/retest

[gnufied]

/retest

[gnufied]

/retest

[gnufied]

/assign @bertinatto @jsafrane

[bertinatto]

In order to make this function idempotent, we shouldn't return an error if the volume modification is in progress, no?

It feels like it should return success if the volume is already being modified to newSizeGiB, but the volume is being modified to a value different than newSizeGiB, then it's OK to return an error?

[wongma7]

that doesn't seem right either, then it would return that resize has succeeded which is a lie.

attach/controllerpublish behaviour is to wait for the attach to complete if it's found to be in progress. The same could be done here

[gnufied]

Yep - was just about to push a change that made the whole RPC call block until operation is finished.

[bertinatto]

that doesn't seem right either, then it would return that resize has succeeded which is a lie.

That's a good point, but currently we're doing the same thing in the first call (because it considers the volume resized once the operation is in the Optimizing state). So if Optimizing mean success for the first call, it should also mean success for the subsequent calls.

attach/controllerpublish behaviour is to wait for the attach to complete if it's found to be in progress. The same could be done here

+1

Yep - was just about to push a change that made the whole RPC call block until operation is finished.

By waiting for the modification to be in the Completed state? If so, can/should we change the behaviour in-tree as well, to be consistent with the CSI driver?

[gnufied]

Alright modified so that each subsequent resize call will now wait for previous resize to finish before returning.

By waiting for the modification to be in the Completed state? If so, can/should we change the behaviour in-tree as well, to be consistent with the CSI driver?

No not "Completed" state. I reverted the code to "optimizing" or "completed" check, because the main reason this was breaking was because describeVolume can return updated size before volume has really finished resizing. "optimized" vs "completed" state had no impact on the outcome.

[wongma7]

double checking, doc says size can take a few seconds after volume is in optimizing state, and I guess it does not matter because even if fs resize is attempted prematurely, the fs resize will just get retried and must eventually succeed.

"Size changes usually take a few seconds to complete and take effect after a volume is in the Optimizing state. "
https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-volume-modifications.html

[msau42]

We don't return size in fs resize, it just blindly tries to resize to the full disk size, whatever it may be at the time. So is it possible that we won't fs expand to the intended size if we don't wait?

[wongma7]

shoot you are right.

aws-ebs-csi-driver/vendor/k8s.io/kubernetes/pkg/util/resizefs/resizefs_linux.go

Line 38 in 9b33867

// Resize perform resize of file system

I am probably misreading the doc, the correct meaning must be that "optimizing" means the size change has already taken effect and only the performance change is still in progress.

[gnufied]

Size changes usually take a few seconds to complete and take effect after a volume is in the Optimizing state.

tbh - the wording here is imprecise in EBS docs. We have been told by EBS engineers that volume is "ready-to-use
after it enters "optimizing" state but if we wait for "VolumeModificationComplete" state then, it can take really long time to complete resize operation and afaict there is no intermediate state between "optimizing" and "complete" (although docs do imply that there is a intermediate state where size changes take effect few seconds after volume enters "optimizing" state).

[bertinatto]

/assign @leakingtapan @wongma7

[wongma7]

/retest

[wongma7]

is checking the ModificationState immediately after calling ModifyVolume still necessary, won't waitForVolumeSize do the same thing?

[gnufied]

I have removed most of this code. Still keeping some of the check in VolumeModification object after modification, so as we can return success immediately if volume was previously expnaded to same size already..

[wongma7]

lgtm
/retest

[gnufied]

/retest

[gnufied]

/retest

[gnufied]

/retest

[wongma7]

@bertinatto this look good to u?

[bertinatto]

/lgtm