From 5c26ac8e31e45dcdc5b5429313021ee3e507c346 Mon Sep 17 00:00:00 2001
From: Quan Zhang
Date: Thu, 27 Jul 2023 16:03:57 -0400
Subject: [PATCH] [TEP-0135] Improve workspace related documentation

This commit updates the `Workspace` related documentation after introducing the `coschedule` feature flag. This commit also elaborates on the `PersistentVolume` Availability Zone scheduling conflict and calls out restrictions on using multiple PVC based workspaces in a `PipelineTaskRun` in different coschedule modes.

/kind documentation
---
 docs/workspaces.md | 30 +++++++++++++++++++++++-------
 1 file changed, 23 insertions(+), 7 deletions(-)

diff --git a/docs/workspaces.md b/docs/workspaces.md
index 27c8cfd7210..54bafb6ee2f 100644
--- a/docs/workspaces.md
+++ b/docs/workspaces.md
@@ -366,6 +366,9 @@ to define when a `Task` should be executed. For more information, see the [`runA
 When a `PersistentVolumeClaim` is used as volume source for a `Workspace` in a `PipelineRun`, an Affinity Assistant will be created. For more information, see the [`Affinity Assistants` documentation](affinityassistants.md).
 
+**Note**: Binding multiple [`PersistentVolumeClaim` based workspaces](#using-persistentvolumeclaims-as-volumesource) to a `PipelineTaskRun` is not allowed in the `workspaces` coschedule mode due to a potential Availability Zone conflict.
+See [using persistent volumes within a PipelineRun](#using-persistent-volumes-within-a-pipelinerun) for more details about Availability Zones.
+
 #### Specifying `Workspaces` in `PipelineRuns`
 
 For a `PipelineRun` to execute a `Pipeline` that includes one or more `Workspaces`, it needs to
@@ -577,13 +580,6 @@ only available to Nodes within *one* Availability Zone. There is usually an option to use multiple Availability Zones,
 but they have trade-offs, e.g. you need to pay for multiple volumes since they are replicated and your volume may have substantially higher latency.
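As an illustrative sketch (not part of the original patch) of the PVC-backed workspace setup this documentation discusses, a `PipelineRun` can request a per-run `PersistentVolumeClaim` via `volumeClaimTemplate`; the pipeline name and workspace name below are placeholders:

```yaml
# Sketch: a PipelineRun binding a workspace to a per-run
# PersistentVolumeClaim. "example-pipeline" and "shared-data"
# are hypothetical names for illustration only.
apiVersion: tekton.dev/v1
kind: PipelineRun
metadata:
  generateName: example-run-
spec:
  pipelineRef:
    name: example-pipeline
  workspaces:
    - name: shared-data
      volumeClaimTemplate:
        spec:
          accessModes:
            - ReadWriteOnce  # commonly available; see the Access Modes section
          resources:
            requests:
              storage: 1Gi
```

Because this workspace is backed by a `PersistentVolumeClaim`, an Affinity Assistant is created for it (per the note above), and the Availability Zone considerations in this section apply.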
-When using a workspace backed by a `PersistentVolumeClaim` (typically only available within a Data Center) and the `TaskRun`
-pods can be scheduled to any Availability Zone in a regional cluster, some techniques must be used to avoid deadlock in the `Pipeline`.
-
-Tekton provides an Affinity Assistant that schedules all `TaskRun` Pods sharing a `PersistentVolumeClaim` to the same
-Node. This avoids deadlocks that can happen when two Pods requiring the same Volume are scheduled to different Availability Zones.
-A volume typically only lives within a single Availability Zone.
-
 ### Access Modes
 
 A `PersistentVolumeClaim` specifies an [Access Mode](https://kubernetes.io/docs/concepts/storage/persistent-volumes/#access-modes).
@@ -601,6 +597,26 @@ the storage solution that you are using.
 * `ReadWriteMany` is the least commonly available Access Mode. If you use this access mode and these volumes are available to all Nodes within your cluster, you may want to disable the Affinity Assistant.
 
+### Persistent Volume Availability Zone
+
+`Persistent Volumes` are usually "zonal" (i.e. they live within a single Availability Zone and cannot be accessed from a `pod` living in another Availability Zone). When using a workspace backed by a `PersistentVolumeClaim` (typically only available within a Data Center), the `TaskRun`
+`pods` can be scheduled to any Availability Zone in a regional cluster. This leads to two kinds of potential Availability Zone scheduling conflicts.
+To avoid such conflicts in `PipelineRuns`, Tekton provides [Affinity Assistants](affinityassistants.md) that schedule either all `PipelineTaskRun` `pods`, or all `PipelineTaskRun` `pods` sharing a `PersistentVolumeClaim`, to the same Node, depending on the `coschedule` mode.
+
+#### `PipelineTaskRuns` sharing the same `PersistentVolumeClaim` are scheduled to different Availability Zones
+If two `PipelineTaskRuns` sharing the same `PersistentVolumeClaim` based workspace are scheduled to different Availability Zones, it is impossible to
+schedule a `PersistentVolume` that can be accessed by both `PipelineTaskRuns`.
+
+The Affinity Assistant provides the `coschedule: workspaces` mode to enforce scheduling all the `PipelineTaskRun` `pods` sharing the same `PersistentVolumeClaim` based workspace to the same Node (and therefore the same Availability Zone). By scheduling the `PersistentVolume` to the same Availability Zone as the `pods`, the deadlock is avoided.
+
+#### Multiple `PersistentVolumeClaims` in different Availability Zones are bound to a `PipelineTaskRun`
+If multiple `PersistentVolumeClaims` are bound to a `PipelineTaskRun` and these `PersistentVolumeClaims` are scheduled to different Availability Zones,
+it is impossible to schedule the `PipelineTaskRun` to an Availability Zone from which it can access all the bound `PersistentVolumeClaims` (e.g. if `pvc1` is scheduled to Zone 1 and `pvc2` to Zone 2, there is no Zone in which the `PipelineTaskRun` could access both).
+
+The Affinity Assistant provides the `coschedule: pipelineruns` mode to enforce scheduling all the `PipelineTaskRun` `pods` to the same Node (and therefore the same Availability Zone). With this restriction, it is safe to bind multiple `PersistentVolumeClaims` to the `PipelineTaskRuns` since all the `pods` and `PersistentVolumeClaims` are in the same Availability Zone.
+
+**Note:** Binding multiple `PersistentVolumeClaim` based workspaces to a `PipelineTaskRun` in the `coschedule: workspaces` mode is **NOT** allowed because the `PipelineTaskRun` `pods` could be scheduled to multiple Availability Zones.
+
 ## More examples
 
 See the following in-depth examples of configuring `Workspaces`:
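As an illustrative sketch (not part of the original patch), the `coschedule` modes discussed in this documentation are selected in Tekton's `feature-flags` ConfigMap; the `tekton-pipelines` namespace below assumes a default installation:

```yaml
# Sketch of setting the coschedule feature flag; assumes the
# standard feature-flags ConfigMap of a default Tekton install.
apiVersion: v1
kind: ConfigMap
metadata:
  name: feature-flags
  namespace: tekton-pipelines
data:
  # "workspaces": pods sharing a PVC based workspace are coscheduled to
  #   one Node; binding multiple PVC based workspaces to a single
  #   PipelineTaskRun is not allowed in this mode.
  # "pipelineruns": all pods of a PipelineRun are coscheduled to one
  #   Node, so multiple PVC based workspaces per PipelineTaskRun are safe.
  coschedule: "pipelineruns"
```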