1 // Copyright (C) The Arvados Authors. All rights reserved.
3 // SPDX-License-Identifier: AGPL-3.0
15 "git.arvados.org/arvados.git/lib/cloud"
16 "git.arvados.org/arvados.git/sdk/go/arvados"
17 "git.arvados.org/arvados.git/sdk/go/stats"
18 "github.com/sirupsen/logrus"
23 maxPingFailTime = 10 * time.Minute
26 // State indicates whether a worker is available to do work, and (if
27 // not) whether/when it is expected to become ready.
31 StateUnknown State = iota // might be running a container already
32 StateBooting // instance is booting
33 StateIdle // instance booted, no containers are running
34 StateRunning // instance is running one or more containers
35 StateShutdown // worker has stopped monitoring the instance
38 var stateString = map[State]string{
39 StateUnknown: "unknown",
40 StateBooting: "booting",
42 StateRunning: "running",
43 StateShutdown: "shutdown",
46 // String implements fmt.Stringer.
47 func (s State) String() string {
51 // MarshalText implements encoding.TextMarshaler so a JSON encoding of
52 // map[State]anything uses the state's string representation.
53 func (s State) MarshalText() ([]byte, error) {
54 return []byte(stateString[s]), nil
57 // BootOutcome is the result of a worker boot. It is used as a label in a metric.
58 type BootOutcome string
61 BootOutcomeFailed BootOutcome = "failure"
62 BootOutcomeSucceeded BootOutcome = "success"
63 BootOutcomeAborted BootOutcome = "aborted"
64 BootOutcomeDisappeared BootOutcome = "disappeared"
67 var validBootOutcomes = map[BootOutcome]bool{
68 BootOutcomeFailed: true,
69 BootOutcomeSucceeded: true,
70 BootOutcomeAborted: true,
71 BootOutcomeDisappeared: true,
74 // IdleBehavior indicates the behavior desired when a node becomes idle.
75 type IdleBehavior string
78 IdleBehaviorRun IdleBehavior = "run" // run containers, or shutdown on idle timeout
79 IdleBehaviorHold IdleBehavior = "hold" // don't shutdown or run more containers
80 IdleBehaviorDrain IdleBehavior = "drain" // shutdown immediately when idle
83 var validIdleBehavior = map[IdleBehavior]bool{
84 IdleBehaviorRun: true,
85 IdleBehaviorHold: true,
86 IdleBehaviorDrain: true,
90 logger logrus.FieldLogger
94 mtx sync.Locker // must be wp's Locker.
96 idleBehavior IdleBehavior
97 instance cloud.Instance
98 instType arvados.InstanceType
106 firstSSHConnection time.Time
108 running map[string]*remoteRunner // remember to update state idle<->running when this changes
109 starting map[string]*remoteRunner // remember to update state idle<->running when this changes
110 probing chan struct{}
111 bootOutcomeReported bool
112 timeToReadyReported bool
113 staleRunLockSince time.Time
116 func (wkr *worker) onUnkillable(uuid string) {
118 defer wkr.mtx.Unlock()
119 logger := wkr.logger.WithField("ContainerUUID", uuid)
120 if wkr.idleBehavior == IdleBehaviorHold {
121 logger.Warn("unkillable container, but worker has IdleBehavior=Hold")
124 logger.Warn("unkillable container, draining worker")
125 wkr.setIdleBehavior(IdleBehaviorDrain)
128 func (wkr *worker) onKilled(uuid string) {
130 defer wkr.mtx.Unlock()
131 wkr.closeRunner(uuid)
135 // caller must have lock.
136 func (wkr *worker) reportBootOutcome(outcome BootOutcome) {
137 if wkr.bootOutcomeReported {
140 if wkr.wp.mBootOutcomes != nil {
141 wkr.wp.mBootOutcomes.WithLabelValues(string(outcome)).Inc()
143 wkr.bootOutcomeReported = true
146 // caller must have lock.
147 func (wkr *worker) reportTimeBetweenFirstSSHAndReadyForContainer() {
148 if wkr.timeToReadyReported {
151 if wkr.wp.mTimeToSSH != nil {
152 wkr.wp.mTimeToReadyForContainer.Observe(time.Since(wkr.firstSSHConnection).Seconds())
154 wkr.timeToReadyReported = true
157 // caller must have lock.
158 func (wkr *worker) setIdleBehavior(idleBehavior IdleBehavior) {
159 wkr.logger.WithField("IdleBehavior", idleBehavior).Info("set idle behavior")
160 wkr.idleBehavior = idleBehavior
165 // caller must have lock.
166 func (wkr *worker) startContainer(ctr arvados.Container) {
167 logger := wkr.logger.WithFields(logrus.Fields{
168 "ContainerUUID": ctr.UUID,
169 "Priority": ctr.Priority,
171 logger.Debug("starting container")
172 rr := newRemoteRunner(ctr.UUID, wkr)
173 wkr.starting[ctr.UUID] = rr
174 if wkr.state != StateRunning {
175 wkr.state = StateRunning
180 if wkr.wp.mTimeFromQueueToCrunchRun != nil {
181 wkr.wp.mTimeFromQueueToCrunchRun.Observe(time.Since(ctr.CreatedAt).Seconds())
184 defer wkr.mtx.Unlock()
188 delete(wkr.starting, ctr.UUID)
189 wkr.running[ctr.UUID] = rr
190 wkr.lastUUID = ctr.UUID
194 // ProbeAndUpdate conducts appropriate boot/running probes (if any)
195 // for the worker's current state. If a previous probe is still
196 // running, it does nothing.
198 // It should be called in a new goroutine.
199 func (wkr *worker) ProbeAndUpdate() {
201 case wkr.probing <- struct{}{}:
205 wkr.logger.Debug("still waiting for last probe to finish")
209 // probeAndUpdate calls probeBooted and/or probeRunning if needed, and
210 // updates state accordingly.
212 // In StateUnknown: Call both probeBooted and probeRunning.
213 // In StateBooting: Call probeBooted; if successful, call probeRunning.
214 // In StateRunning: Call probeRunning.
215 // In StateIdle: Call probeRunning.
216 // In StateShutdown: Do nothing.
218 // If both probes succeed, wkr.state changes to
219 // StateIdle/StateRunning.
221 // If probeRunning succeeds, wkr.running is updated. (This means
222 // wkr.running might be non-empty even in StateUnknown, if the boot
225 // probeAndUpdate should be called in a new goroutine.
226 func (wkr *worker) probeAndUpdate() {
228 updated := wkr.updated
229 initialState := wkr.state
236 stderr []byte // from probeBooted
239 switch initialState {
242 case StateIdle, StateRunning:
244 case StateUnknown, StateBooting:
246 panic(fmt.Sprintf("unknown state %s", initialState))
249 probeStart := time.Now()
250 logger := wkr.logger.WithField("ProbeStart", probeStart)
253 booted, stderr = wkr.probeBooted()
255 // Pretend this probe succeeded if another
256 // concurrent attempt succeeded.
258 booted = wkr.state == StateRunning || wkr.state == StateIdle
262 logger.Info("instance booted; will try probeRunning")
265 reportedBroken := false
266 if booted || wkr.state == StateUnknown {
267 ctrUUIDs, reportedBroken, ok = wkr.probeRunning()
270 defer wkr.mtx.Unlock()
271 if reportedBroken && wkr.idleBehavior == IdleBehaviorRun {
272 logger.Info("probe reported broken instance")
273 wkr.reportBootOutcome(BootOutcomeFailed)
274 wkr.setIdleBehavior(IdleBehaviorDrain)
276 if !ok || (!booted && len(ctrUUIDs) == 0 && len(wkr.running) == 0) {
277 if wkr.state == StateShutdown && wkr.updated.After(updated) {
278 // Skip the logging noise if shutdown was
279 // initiated during probe.
282 // Using the start time of the probe as the timeout
283 // threshold ensures we always initiate at least one
284 // probe attempt after the boot/probe timeout expires
285 // (otherwise, a slow probe failure could cause us to
286 // shutdown an instance even though it did in fact
287 // boot/recover before the timeout expired).
288 dur := probeStart.Sub(wkr.probed)
289 if wkr.shutdownIfBroken(dur) {
290 // stderr from failed run-probes will have
291 // been logged already, but boot-probe
292 // failures are normal so they are logged only
293 // at Debug level. This is our chance to log
294 // some evidence about why the node never
295 // booted, even in non-debug mode.
297 wkr.reportBootOutcome(BootOutcomeFailed)
298 logger.WithFields(logrus.Fields{
300 "stderr": string(stderr),
301 }).Info("boot failed")
307 updateTime := time.Now()
308 wkr.probed = updateTime
310 if updated != wkr.updated {
311 // Worker was updated after the probe began, so
312 // wkr.running might have a container UUID that was
313 // not yet running when ctrUUIDs was generated. Leave
314 // wkr.running alone and wait for the next probe to
315 // catch up on any changes.
319 if len(ctrUUIDs) > 0 {
320 wkr.busy = updateTime
321 wkr.lastUUID = ctrUUIDs[0]
322 } else if len(wkr.running) > 0 {
323 // Actual last-busy time was sometime between wkr.busy
324 // and now. Now is the earliest opportunity to take
325 // advantage of the non-busy state, though.
326 wkr.busy = updateTime
329 changed := wkr.updateRunning(ctrUUIDs)
331 // Update state if this was the first successful boot-probe.
332 if booted && (wkr.state == StateUnknown || wkr.state == StateBooting) {
333 if wkr.state == StateBooting {
334 wkr.reportTimeBetweenFirstSSHAndReadyForContainer()
336 // Note: this will change again below if
337 // len(wkr.starting)+len(wkr.running) > 0.
338 wkr.state = StateIdle
342 // If wkr.state and wkr.running aren't changing then there's
343 // no need to log anything, notify the scheduler, move state
344 // back and forth between idle/running, etc.
349 // Log whenever a run-probe reveals crunch-run processes
350 // appearing/disappearing before boot-probe succeeds.
351 if wkr.state == StateUnknown && changed {
352 logger.WithFields(logrus.Fields{
353 "RunningContainers": len(wkr.running),
355 }).Info("crunch-run probe succeeded, but boot probe is still failing")
358 if wkr.state == StateIdle && len(wkr.starting)+len(wkr.running) > 0 {
359 wkr.state = StateRunning
360 } else if wkr.state == StateRunning && len(wkr.starting)+len(wkr.running) == 0 {
361 wkr.state = StateIdle
363 wkr.updated = updateTime
364 if booted && (initialState == StateUnknown || initialState == StateBooting) {
365 wkr.reportBootOutcome(BootOutcomeSucceeded)
366 logger.WithFields(logrus.Fields{
367 "RunningContainers": len(wkr.running),
369 }).Info("probes succeeded, instance is in service")
374 func (wkr *worker) probeRunning() (running []string, reportsBroken, ok bool) {
375 cmd := wkr.wp.runnerCmd + " --list"
376 if u := wkr.instance.RemoteUser(); u != "root" {
380 stdout, stderr, err := wkr.executor.Execute(nil, cmd, nil)
382 wkr.logger.WithFields(logrus.Fields{
384 "stdout": string(stdout),
385 "stderr": string(stderr),
386 }).WithError(err).Warn("probe failed")
387 wkr.wp.mRunProbeDuration.WithLabelValues("fail").Observe(time.Now().Sub(before).Seconds())
390 wkr.wp.mRunProbeDuration.WithLabelValues("success").Observe(time.Now().Sub(before).Seconds())
393 staleRunLock := false
394 for _, s := range strings.Split(string(stdout), "\n") {
395 // Each line of the "crunch-run --list" output is one
398 // * a container UUID, indicating that processes
399 // related to that container are currently running.
400 // Optionally followed by " stale", indicating that
401 // the crunch-run process itself has exited (the
402 // remaining process is probably arv-mount).
404 // * the string "broken", indicating that the instance
405 // appears incapable of starting containers.
407 // See ListProcesses() in lib/crunchrun/background.go.
409 // empty string following final newline
410 } else if s == "broken" {
412 } else if toks := strings.Split(s, " "); len(toks) == 1 {
413 running = append(running, s)
414 } else if toks[1] == "stale" {
415 wkr.logger.WithField("ContainerUUID", toks[0]).Info("probe reported stale run lock")
420 defer wkr.mtx.Unlock()
422 wkr.staleRunLockSince = time.Time{}
423 } else if wkr.staleRunLockSince.IsZero() {
424 wkr.staleRunLockSince = time.Now()
425 } else if dur := time.Now().Sub(wkr.staleRunLockSince); dur > wkr.wp.timeoutStaleRunLock {
426 wkr.logger.WithField("Duration", dur).Warn("reporting broken after reporting stale run lock for too long")
432 func (wkr *worker) probeBooted() (ok bool, stderr []byte) {
433 cmd := wkr.wp.bootProbeCommand
437 stdout, stderr, err := wkr.executor.Execute(nil, cmd, nil)
438 logger := wkr.logger.WithFields(logrus.Fields{
440 "stdout": string(stdout),
441 "stderr": string(stderr),
444 logger.WithError(err).Debug("boot probe failed")
447 logger.Info("boot probe succeeded")
448 if err = wkr.wp.loadRunnerData(); err != nil {
449 wkr.logger.WithError(err).Warn("cannot boot worker: error loading runner binary")
451 } else if len(wkr.wp.runnerData) == 0 {
452 // Assume crunch-run is already installed
453 } else if _, stderr2, err := wkr.copyRunnerData(); err != nil {
454 wkr.logger.WithError(err).WithField("stderr", string(stderr2)).Warn("error copying runner binary")
455 return false, stderr2
457 stderr = append(stderr, stderr2...)
462 func (wkr *worker) copyRunnerData() (stdout, stderr []byte, err error) {
463 hash := fmt.Sprintf("%x", wkr.wp.runnerMD5)
464 dstdir, _ := filepath.Split(wkr.wp.runnerCmd)
465 logger := wkr.logger.WithFields(logrus.Fields{
467 "path": wkr.wp.runnerCmd,
470 stdout, stderr, err = wkr.executor.Execute(nil, `md5sum `+wkr.wp.runnerCmd, nil)
471 if err == nil && len(stderr) == 0 && bytes.Equal(stdout, []byte(hash+" "+wkr.wp.runnerCmd+"\n")) {
472 logger.Info("runner binary already exists on worker, with correct hash")
476 // Note touch+chmod come before writing data, to avoid the
477 // possibility of md5 being correct while file mode is
479 cmd := `set -e; dstdir="` + dstdir + `"; dstfile="` + wkr.wp.runnerCmd + `"; mkdir -p "$dstdir"; touch "$dstfile"; chmod 0755 "$dstdir" "$dstfile"; cat >"$dstfile"`
480 if wkr.instance.RemoteUser() != "root" {
481 cmd = `sudo sh -c '` + strings.Replace(cmd, "'", "'\\''", -1) + `'`
483 logger.WithField("cmd", cmd).Info("installing runner binary on worker")
484 stdout, stderr, err = wkr.executor.Execute(nil, cmd, bytes.NewReader(wkr.wp.runnerData))
488 // caller must have lock.
489 func (wkr *worker) shutdownIfBroken(dur time.Duration) bool {
490 if wkr.idleBehavior == IdleBehaviorHold {
494 label, threshold := "", wkr.wp.timeoutProbe
495 if wkr.state == StateUnknown || wkr.state == StateBooting {
496 label, threshold = "new ", wkr.wp.timeoutBooting
501 wkr.logger.WithFields(logrus.Fields{
505 }).Warnf("%sinstance unresponsive, shutting down", label)
510 // Returns true if the instance is eligible for shutdown: either it's
511 // been idle too long, or idleBehavior=Drain and nothing is running.
513 // caller must have lock.
514 func (wkr *worker) eligibleForShutdown() bool {
515 if wkr.idleBehavior == IdleBehaviorHold {
518 draining := wkr.idleBehavior == IdleBehaviorDrain
523 return draining || time.Since(wkr.busy) >= wkr.wp.timeoutIdle
528 for _, rr := range wkr.running {
533 for _, rr := range wkr.starting {
538 // draining, and all remaining runners are just trying
539 // to force-kill their crunch-run procs
546 // caller must have lock.
547 func (wkr *worker) shutdownIfIdle() bool {
548 if !wkr.eligibleForShutdown() {
551 wkr.logger.WithFields(logrus.Fields{
553 "IdleDuration": stats.Duration(time.Since(wkr.busy)),
554 "IdleBehavior": wkr.idleBehavior,
555 }).Info("shutdown worker")
556 wkr.reportBootOutcome(BootOutcomeAborted)
561 // caller must have lock.
562 func (wkr *worker) shutdown() {
566 wkr.state = StateShutdown
569 err := wkr.instance.Destroy()
571 wkr.logger.WithError(err).Warn("shutdown failed")
577 // Save worker tags to cloud provider metadata, if they don't already
578 // match. Caller must have lock.
579 func (wkr *worker) saveTags() {
580 instance := wkr.instance
581 tags := instance.Tags()
582 update := cloud.InstanceTags{
583 wkr.wp.tagKeyPrefix + tagKeyInstanceType: wkr.instType.Name,
584 wkr.wp.tagKeyPrefix + tagKeyIdleBehavior: string(wkr.idleBehavior),
587 for k, v := range update {
595 err := instance.SetTags(tags)
597 wkr.wp.logger.WithField("Instance", instance.ID()).WithError(err).Warnf("error updating tags")
603 func (wkr *worker) Close() {
604 // This might take time, so do it after unlocking mtx.
605 defer wkr.executor.Close()
608 defer wkr.mtx.Unlock()
609 for uuid, rr := range wkr.running {
610 wkr.logger.WithField("ContainerUUID", uuid).Info("crunch-run process abandoned")
613 for uuid, rr := range wkr.starting {
614 wkr.logger.WithField("ContainerUUID", uuid).Info("crunch-run process abandoned")
619 // Add/remove entries in wkr.running to match ctrUUIDs returned by a
620 // probe. Returns true if anything was added or removed.
622 // Caller must have lock.
623 func (wkr *worker) updateRunning(ctrUUIDs []string) (changed bool) {
624 alive := map[string]bool{}
625 for _, uuid := range ctrUUIDs {
627 if _, ok := wkr.running[uuid]; ok {
629 } else if rr, ok := wkr.starting[uuid]; ok {
630 wkr.running[uuid] = rr
631 delete(wkr.starting, uuid)
634 // We didn't start it -- it must have been
635 // started by a previous dispatcher process.
636 wkr.logger.WithField("ContainerUUID", uuid).Info("crunch-run process detected")
637 wkr.running[uuid] = newRemoteRunner(uuid, wkr)
641 for uuid := range wkr.running {
643 wkr.closeRunner(uuid)
650 // caller must have lock.
651 func (wkr *worker) closeRunner(uuid string) {
652 rr := wkr.running[uuid]
656 wkr.logger.WithField("ContainerUUID", uuid).Info("crunch-run process ended")
657 delete(wkr.running, uuid)
662 wkr.wp.exited[uuid] = now
663 if wkr.state == StateRunning && len(wkr.running)+len(wkr.starting) == 0 {
664 wkr.state = StateIdle