KEP-2371: Add cgroup metrics + CRI implementation plan

[danielye11]

• One-line PR description: Updating KEP with cgroup stats of cadvisor metrics, adding CRI implementation details

• Issue link: https://github.com/kubernetes/enhancements/tree/master/keps/sig-node/2371-cri-pod-container-stats

• Other comments:

[k8s-ci-robot]

Welcome @danielye11!

It looks like this is your first PR to kubernetes/enhancements 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes/enhancements has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. 😃

[linux-foundation-easycla]

The committers listed above are authorized under a signed CLA.

• ✅ login: danielye11 (822dae3)

[k8s-ci-robot]

Hi @danielye11. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[haircommander]

AFAIK we still plan on dropping these. do we need to include them in this change?

[haircommander]

table update LGTM, one question about a new addition. You also need to sign the CLA, and I would prefer if all of the commits were squashed together

[haircommander]

based on the structure of other CRI calls, I think I'd expect this more to be

essage ListPodSandboxMetricsResponse {
    repeated PodSandboxMetrics pod_metrics= 1;
}
message PodSandboxMetrics {
    string pod_sandbox_id = 1;
    repeated Metric metrics = 2;
    repeated ContainerMetrics container_metrics = 3;
}

[danielye11]

Restructured

[haircommander]

nit: missing space beteween s and =

[haircommander]

Additionally, a feature gate will be added to only report Prometheus based metrics from the CRI when calling /stats endpoint.

1: I thought we'd reuse PodAndContainerStatsFromCRI for this?
2: isn't it /metrics/cadvisor not /stats

[haircommander]

3: nit, I believe the capitalization is gRPC

[danielye11]

Good point, updated in commit

[haircommander]

/ok-to-test

[haircommander]

linter is saying to run hack/update-toc.sh

[haircommander]

/lgtm

@bobbypage @mrunalp @derekwaynecarr PTAL

[bobbypage]

Few small comments.

Thanks for updating the KEP, LGTM on the changes proposed.

/lgtm

[bobbypage]

One more thing, can you please also update https://github.com/kubernetes/enhancements/blob/master/keps/sig-node/2371-cri-pod-container-stats/kep.yaml#L20 to update latest-milestone from v1.25 to v1.26

This will address comment in #2371 (comment)

Thanks!

[danielye11]

Updated latest-milestone to 1.26

[bobbypage]

Thanks for updating

/lgtm

[bobbypage]

/cc @dashpole

per SIG instrumentation

[jpbetz]

From previous release, the PRR Questionnaire section for "Does enabling the feature change any default behavior?" said "Enabling this behavior means some stats endpoints will not be filled: some entries in /metrics/cadvisor"

Is this still accurate with this change? Is there anything about the structure of the metrics or what metrics are available that should be included in that PRR section?

[haircommander]

yeah this is still true. accelerator metrics, for instance, are being dropped. The table at the top has a column dedicated to saying whether we're aiming to support them

[dashpole]

Are container runtimes expected to return cached (with timestamp in the past) metrics?

What if a container runtime wants to return "fresh" metrics each time this is called? Is there a way to omit the timestamp from the metric. I believe it is recommended to omit the timestamp from the prometheus exposition when that is the case.

[danielye11]

I believe container runtimes will return "fresh" metrics whenever the gRPC call ListPodSandboxMetrics is called (at least on containerd side) so I think it makes sense to have the timestamp. I suppose depending on container runtime implementations there can be cached metrics. We keep Metric and make another type similar to it that does not include timestamp.

[haircommander]

we also could interpret a timestamp of 0 to mean omitted and leave it up to the CRI to say when they were collected (or say it was instantaneous)

[dashpole]

If metrics are fresh, there is no need to attach timestamps. The timestamp will not be meaningfully different from the scrape time, and should not be attached to prometheus metrics.

Disk usage metrics in particular can be very expensive to collect, and are likely to be cached.

A timestamp of 0 meaning no timestamp works for me, but should be documented in the API.

[haircommander]

I don't think we want to enforce they must be fresh. a CRI impl may want to cache them (cri-o may...). I think timestamp 0 as fresh is a good way to express it

[dashpole]

This is a reasonable approach. A few drawbacks that are worth including in the Drawbacks section:

• This doesn't enforce that container runtimes continue to support the full /metrics/cadvisor endpoint. CRI implementations appear to be free to deviate and produce different metrics as they see fit.
• Compared with the container runtime exposing these metrics directly, there is significant complexity (I have to implement a new CRI function using prometheus metrics as input), and some overhead from converting between prometheus, the CRI format, and back.

[derekwaynecarr]

for sig-node

/lgtm
/approve

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: danielye11, derekwaynecarr

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• keps/sig-node/OWNERS [derekwaynecarr]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment