WIP: OCPNODE-2462 - Split Filesystem OCP Enhancement

[kannon92]

This is a OCP enhancement for enabling KEP-4191 in openshift.

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign ashcrow for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[rphillips]

This could be an out-of-scope item. There is an argument that externally managed storage is owned by the customer.

[kannon92]

My main reason for listing this out is what happens if you change from no image store to a new location for image store. Kubelet GC of the existing images would not clean that up.

And tbh crictl wouldn't either. I guess we would require manual deletion if they ran out of disk space.

[rphillips]

Technically, I think we should reserve, IMAGE_STORE as a partition label.
This document could go into this. The script can attempt to mount by label the IMAGE_STORE partition.

The split-filesystem.sh script would:

• mount by label the partition named IMAGE_STORE
• check to see if the relabelling has been done
  • if not, relabel the filesystem
    • touch a file within mounted filesystem on completion of the relabelling (ie: .relabel-complete)

Node Team's scope starts at IMAGE_STORE partition label... This partition label could be setup by CAPI or by documentation or by some other external entity.

[haircommander]

does this work with 4.17.0? if so we should use the newest version IMO

[kannon92]

Interestingly enough I only got this to work with 4.14.

[haircommander]

should spell out what to do with the containers (which would be left over after the reboot), especially because a lot of those containers will require a running network pod to remove

[kannon92]

I have this sorta as an open question.

Do we manually delete all of /var/lib/container/storage on enablement of this feature or disable?

I think using a tool like crictl may actually not work if we change the container runtime. For podman changing these locations does orphan those containers/images.

I think a manual rm may be the best thing we can do.. Unless we delete before enablement of the feature.

[rphillips]

Why do we want the old images removed?

[rphillips]

Why do we want the old images removed?

[rphillips]

We are going to take this enhancement to a meeting to discuss further design.

[openshift-bot]

Inactive enhancement proposals go stale after 28d of inactivity.

See https://github.com/openshift/enhancements#life-cycle for details.

Mark the proposal as fresh by commenting /remove-lifecycle stale.
Stale proposals rot after an additional 7d of inactivity and eventually close.
Exclude this proposal from closing by commenting /lifecycle frozen.

If this proposal is safe to close now please do so with /close.

/lifecycle stale

[kwilczynski]

/remove-lifecycle stale

[openshift-ci]

@kannon92: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.