Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

APIServer APF estimates cost for LIST not work #130139

New issue
Copy link
New issue
Copy link
Open
Open
APIServer APF estimates cost for LIST not work#130139
Copy link
Assignees
MikeSpreitzer
Labels
kind/bugCategorizes issue or PR as related to a bug.Categorizes issue or PR as related to a bug.sig/api-machineryCategorizes an issue or PR as relevant to SIG API Machinery.Categorizes an issue or PR as relevant to SIG API Machinery.triage/acceptedIndicates an issue or PR is ready to be actively worked on.Indicates an issue or PR is ready to be actively worked on.
@AllenXu93

Description

@AllenXu93
AllenXu93
opened on Feb 13, 2025
Issue body actions

What happened?

According to the documentation https://kubernetes.io/docs/concepts/cluster-administration/flow-control/#seats-occupied-by-a-request , the APIServer's APF (API Priority and Fairness) calculates seats for each request as a reference to measure the consumption of each API. Specifically, List requests determine the number of seats based on the number of objects returned.

However, in actual usage, I have observed that all List requests (regardless of the number of objects) are assigned only 1 seat by APF.
For example, I have 1w+ pods in cluster, seat expected to be 10.

apiserver_flowcontrol_work_estimated_seats_bucket{flow_schema="list-pods",priority_level="list-pods",le="1"} 84
apiserver_flowcontrol_work_estimated_seats_bucket{flow_schema="list-pods",priority_level="list-pods",le="2"} 84
apiserver_flowcontrol_work_estimated_seats_bucket{flow_schema="list-pods",priority_level="list-pods",le="4"} 84
apiserver_flowcontrol_work_estimated_seats_bucket{flow_schema="list-pods",priority_level="list-pods",le="10"} 84
apiserver_flowcontrol_work_estimated_seats_bucket{flow_schema="list-pods",priority_level="list-pods",le="+Inf"} 84

I found that the seat calculation for List requests happens at

kubernetes/staging/src/k8s.io/apiserver/pkg/util/flowcontrol/request/list_work_estimator.go

Line 50 in 2642d82

minSeats := e.config.MinimumSeats

and every request hit the error:

kubernetes/staging/src/k8s.io/apiserver/pkg/util/flowcontrol/request/list_work_estimator.go

Line 100 in 2642d82

case err == ObjectCountNotFoundErr:

.

So I add some debug log in objectCountTracker set, found that objectCountTracker is nil, so it will never update the object count, which will cause ObjectCountNotFoundErr in APF list estimator.

kubernetes/staging/src/k8s.io/apiserver/pkg/registry/generic/registry/store.go

Lines 1673 to 1675 in 2642d82

if objectCountTracker != nil {
objectCountTracker.Set(resourceName, count)
}

What did you expect to happen?

In APF (API Priority and Fairness), the seats for a List request should increase with the number of objects returned, rather than always being 1.

How can we reproduce it (as minimally and precisely as possible)?

There is my apf config.

apiVersion: flowcontrol.apiserver.k8s.io/v1beta3
kind: PriorityLevelConfiguration
metadata:
  name: list-pods
spec:
  limited:
    nominalConcurrencyShares: 1
    borrowingLimitPercent: 0
    limitResponse:
      queuing:
        handSize: 5
        queueLengthLimit: 0
        queues: 5
      type: Queue
  type: Limited
---
apiVersion: flowcontrol.apiserver.k8s.io/v1beta3
kind: FlowSchema
metadata:
  name: list-pods
spec:
  distinguisherMethod:
    type: ByUser
  matchingPrecedence: 100
  priorityLevelConfiguration:
    name: list-pods
  rules:
  - resourceRules:
    - apiGroups:
      - '*'
      clusterScope: true
      namespaces:
      resources:
      - pods
      verbs:
      - list
    subjects:
    - group:
        name: system:authenticated
      kind: Group

Anything else we need to know?

No response

Kubernetes version

Server Version: v1.32.2

Cloud provider

OS version

# On Linux:
$ cat /etc/os-release
# paste output here
$ uname -a
# paste output here

# On Windows:
C:\> wmic os get Caption, Version, BuildNumber, OSArchitecture
# paste output here

Install tools

Container runtime (CRI) and version (if applicable)

Related plugins (CNI, CSI, ...) and versions (if applicable)

Metadata

Metadata

Assignees

Labels

kind/bugCategorizes issue or PR as related to a bug.Categorizes issue or PR as related to a bug.sig/api-machineryCategorizes an issue or PR as relevant to SIG API Machinery.Categorizes an issue or PR as relevant to SIG API Machinery.triage/acceptedIndicates an issue or PR is ready to be actively worked on.Indicates an issue or PR is ready to be actively worked on.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions
    Morty Proxy This is a proxified and sanitized view of the page, visit original site.