containerd restart from nvidia-container-toolkit causes other daemonsets to get stuck #991
Comments
|
Hi, we are seeing the same issue with the We found in the log of Then in the middle of the creation of one of the init containers of the This looks like systemd also decides to restart The stuck pod shows We are seeing this issue several times per day in our infrastructure. So if you have any ideas how to debug this further we should be able to reproduce it to provide more information. Thanks in advance for any help :) |
|
I am also experiencing the similar thing when attempting a test/dev deployment on K3d (uses a K3s-cuda base image). As part of the nvidia-container-toolkit's container installation of the toolkit onto the host, it sends a signal to restart containerd, which then cycles then entire cluster since If we disable the toolkit ( |
|
Same issue here. Pretty much the same information. |
|
Sadly, till any solution is made available, for us the only way to reduce the probability of this happening is to remove any device plugin confimap that the chart can create (https://github.com/truefoundry/infra-charts/blob/04a5627734b33c486e5293281b4b2cd0e6936173/charts/tfy-gpu-operator/values.yaml#L95-L97) thereby eliminating the We are even considering writing a controller loop that restarts any device plugin pods stuck in pending for too long |
We actually do have a workaraound in place for that. We're using descheduler for that. deschedulerPolicy:
profiles:
- name: RemoveFailedNvidiaInitPods
# There is a race condition when the gpu-operator modifies the containerd configuration
# and restarts it while other pods are created. This descheduler policy deletes the
# stuck pods to force a restart.
# Hopefully we can remove this when https://github.com/NVIDIA/gpu-operator/issues/991 is fixed.
pluginConfig:
- name: DefaultEvictor
args:
evictSystemCriticalPods: true
evictDaemonSetPods: true
evictLocalStoragePods: true
- name: PodLifeTime
args:
maxPodLifeTimeSeconds: 300
includingInitContainers: true
states:
- "PodInitializing"
- "Pending"
namespaces:
include:
- "gpu-operator"
labelSelector:
matchLabels:
app: nvidia-operator-validator
plugins:
deschedule:
enabled:
- "PodLifeTime" |
Original context and jounrnalctl logs here: containerd/containerd#10437
As we know by default nvidia-container-toolkit sends a SIGHUP to containerd for the patched containerd config to take effect. Unfortunately the way gpu-operator schedules Daemonsets all at once, we have noticed our gpu discovery and nvidia device plugin pods get forever stuck in pending. This is primarily due to config-manager-init container getting stuck in Created and never transitioning to Running state due to containerd restart.
Timeline of race condition:
Today the only way for us to recover is to manually delete the stuck daemonset pods.
While I understand at the core this is containerd issue but this has become so troublesome we are looking for entrypoint and node label hacks. We are willing to take a solution that allows us to modify the entrypoint configmaps of daemonsets managed by ClusterPolicy.
I think something similar was discovered here but different effect
963b8dc
and was fixed with a sleep
P.S. I am aware container-toolkit has an option to not restart containerd, but we need a restart for correct toolkit injection behavior
cc: @klueska
The text was updated successfully, but these errors were encountered: