kubeadm: change service activity check logic in ServiceCheck

[mythi]

What this PR does / why we need it:
The PR brings kubeadm improvements.

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #

Special notes for your reviewer:
The PR changes the service activity check logic in ServiceCheck. It is necessary because kubelet may be running (in the standalone mode) and the user doesn't necessarily now why the other checks (especially Port10250) are failing.

Release note:

kubeadm: change service activity check logic in ServiceCheck 

[k8s-ci-robot]

Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please follow instructions at https://git.k8s.io/community/CLA.md#the-contributor-license-agreement to sign the CLA.

It may take a couple minutes for the CLA signature to be fully registered; after that, please reply here with a new comment and we'll verify. Thanks.

---

• If you've already signed a CLA, it's possible we don't have your GitHub username or you're using a different email address. Check your existing CLA data and verify that your email is set on your git commits.
• If you signed the CLA as a corporation, please sign in with your organization's credentials at https://identity.linuxfoundation.org/projects/cncf to be authorized.
• If you have done the above and are still having issues with the CLA being reported as unsigned, please email the CNCF helpdesk: helpdesk@rt.linuxfoundation.org

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[mythi]

cnfc-cla should be OK now.

[timothysc]

I'm guessing some tests will need to be updated for this?

[mythi]

make check WHAT="./cmd/kubeadm/app/preflight" GOFLAGS="-v" passes with these changes. I'll need to see why the automated PR checks are failing.

[xiangpengzhao]

/ok-to-test

@timothysc FYI: removing needs-ok-to-test manually doesn't trigger tests :)

[xiangpengzhao]

@mythi seems like CLA status is not detected...

[k8s-ci-robot]

Thanks for your pull request. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please follow instructions at https://git.k8s.io/community/CLA.md#the-contributor-license-agreement to sign the CLA.

It may take a couple minutes for the CLA signature to be fully registered; after that, please reply here with a new comment and we'll verify. Thanks.

---

• If you've already signed a CLA, it's possible we don't have your GitHub username or you're using a different email address. Check your existing CLA data and verify that your email is set on your git commits.
• If you signed the CLA as a corporation, please sign in with your organization's credentials at https://identity.linuxfoundation.org/projects/cncf to be authorized.
• If you have done the above and are still having issues with the CLA being reported as unsigned, please email the CNCF helpdesk: helpdesk@rt.linuxfoundation.org

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[xiangpengzhao]

/retest
Seems like they are test flakes.

[xiangpengzhao]

k8s-ci-robot added the cncf-cla: no label 12 hours ago

@mythi your CLA status seems still not correct :)

[xiangpengzhao]

      diff -u ./cmd/kubeadm/app/preflight/checks.go.orig ./cmd/kubeadm/app/preflight/checks.go
--- ./cmd/kubeadm/app/preflight/checks.go.orig	2018-02-24 03:22:20.945495368 +0000
+++ ./cmd/kubeadm/app/preflight/checks.go	2018-02-24 03:22:20.945495368 +0000
@@ -115,9 +115,9 @@
 // detect a supported init system however, all checks are skipped and a warning is
 // returned.
 type ServiceCheck struct {
-	Service       string
+	Service    string
 	WantActive bool
-	Label         string
+	Label      string
 }
 
 // Name returns label for ServiceCheck. If not provided, will return based on the service parameter
@@ -149,10 +149,10 @@
 	}
 
 	if sc.WantActive != initSystem.ServiceIsActive(sc.Service) {
-		status  := [2]string{"active", "not active"}
+		status := [2]string{"active", "not active"}
 		command := [2]string{"stop", "start"}
-		index   := 0
-		if (sc.WantActive) {
+		index := 0
+		if sc.WantActive {
 			index = 1
 		}
 		errors = append(errors,

Run ./hack/update-gofmt.sh

[mythi]

On Tue, Feb 27, 2018 at 9:08 AM, Peter (XiangPeng) Zhao wrote: k8s-ci-robot added the cncf-cla: no label 12 hours ago @mythi <https://github.com/mythi> your CLA status seems still not correct :)

I noticed this and I'm currently checking why the robot thinks it's not OK. I have it signed.

[mythi]

On Tue, Feb 27, 2018 at 9:10 AM, Peter (XiangPeng) Zhao wrote: Run ./hack/update-gofmt.sh

Thanks!

[mythi]

/test cla/linuxfoundation

[mythi]

/retest

[BenTheElder]

Hmm is that the entire output? The last person I talked to with kazel failing just had kubernetes checked out to the wrong location (should be $GOPATH/src/k8s.io/kubernetes)

[mythi]

@BenTheElder That was it!

[mythi]

/cc @kad

[mythi]

retriggering cla check

[xiangpengzhao]

retriggering cla check

It works at last! 💯

[timothysc]

Also please squash commits.

[timothysc]

This parsing of intent from the return is odd to me. I'd think that having a utility function, or augmenting the return arg would be cleaner.

[mythi]

I've changed this.

[dims]

/uncc @dims

[mythi]

rebased + addressed the review feedback.

[k8s-ci-robot]

@mythi: The following tests failed, say /retest to rerun them all:

Test name	Commit	Details	Rerun command
pull-kubernetes-verify	0ffaf2a	link	/test pull-kubernetes-verify
pull-kubernetes-e2e-gce	0ffaf2a	link	/test pull-kubernetes-e2e-gce

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[timothysc]

/assign @detiber @stealthybox

[detiber]

This seems to change the behavior of the kubelet check significantly here... It looks like previously CheckIfActive would skip the active check completely, but now with WantActive this is testing specifically for the kublet not being active.

[mythi]

Yes, that's what I'm suggesting. The reasons are explained in the commit message.

[detiber]

Right, but since we are checking for active or activating here wouldn't this preflight check fail by default on any system that has the kubelet enabled/started before running kubeadm (which is the default case on Ubuntu/Debian systems)?

[mythi]

Here's my observation: if kubelet is active, kubeadm init would fail in markmaster timeout (I was hit by this). If kubelet is activating, it's actually crash-looping and can only start/recover once the configurations are created by kubeadm.

So I thought to make it more bullet proof and make sure we start with kubelet not running at all. That's the state where kubeadm reset leaves it too.

[detiber]

@mythi that behavior makes perfect sense to me and is the default behavior when installing from the rpms. However the expected behavior with debs is that the service is enabled and started after installation, which is also the behavior with the current debs that we ship.

While I personally don't agree with the default behavior of enabling/starting daemons on package install, it is the expected behavior on Debian/Ubuntu systems.

That said, I believe the only reason that we are currently checking for active or activating is for the check in kubeadm.

[mythi]

@detiber I'm not sure I got your point wrt. to my change proposal. I don't mind to keep kubelet running as it is today (and I don't mind if this PR is not OK) as long as the behaviour is consistent. Right now you have to have it crash-looping in order to get kubeadm init to succeed. For newcomers like me it'll take some time to realize why active is not sufficient.

[detiber]

@mythi maybe I'm not fully grokking these changes, but it appears to me that the preflight check would currently fail on an Ubuntu host because we are testing that initSystem.ServiceIsActive() returns false for the kubelet, since ServiceIsActive() is checking for 'active' or 'activating' and the kubelet service on Ubuntu will be in 'activating' by default.

[mythi]

@detiber Currently the preflight check for kubelet ignores the activity status (CheckIfActive is set to false).

[k8s-ci-robot]

@mythi: PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[mythi]

I don't have the urgent need to get this merged since I know the workaround needed to address the failures I'm seeing. I'm closing this and look into alternatives to improve documentation to ensure people don't hit the same problem.