Add administrative interface to invoker and controller to reconfigure runtimes

[ningyougang]

Sometimes, admin may want to reinitalize the runtime config, e.g. nodejs:10 prewarm container number is less, lead to cold start, in order to handle user's request as soon as possible, admin may want to reinitalize the runtime configuration to increase the nodejs:10 prewarm containers.
And admin may want to reinitalize the runtime config on some limited invokers, this patch includes below changes

• config runtime via controller to all managed invokers(or some limited inovkers which included in managed inovkers)
• config runtime via invoker directly
• get runtime info via invoker directly
• add documents
• test cases

Description

Related issue and scope

• I opened an issue to propose and discuss this change (#????)

My changes affect the following components

• API
• Controller
• Message Bus (e.g., Kafka)
• Loadbalancer
• Invoker
• Intrinsic actions (e.g., sequences, conductors)
• Data stores (e.g., CouchDB)
• Tests
• Deployment
• CLI
• General tooling
• Documentation

Types of changes

• Bug fix (generally a non-breaking change which closes an issue).
• Enhancement or new feature (adds new functionality).
• Breaking change (a bug fix or enhancement which changes existing behavior).

Checklist:

• I signed an Apache CLA.
• I reviewed the style guides and followed the recommendations (Travis CI will check :).
• I added tests to cover my changes.
• My changes require further changes to the documentation.
• I updated the documentation where necessary.

[ningyougang]

Usually, entity(as[Runtimes]) may be better, but if we apply this, need to change Runtimes to support convert json to entity Runtimes, and on the other hand, runtime.json's format doesn't match Runtimes entity, need to change a lot if use entity(as[Runtimes]) to receive the data.

Fortunately，we can reuse openwhisk itself's initialize method, just convert the runtime string to Runtimes.

So here, i think pass runtime string would be ok.

[rabbah]

I think you can do as json object instead of string to tighten this a bit more. I agree not to deserialize into a Runtimes instance.

[ningyougang]

Support passed limit invokers, e.g. ?limit=0:1 ( sent to invoker0, invoker1 only)
And the config runtime request can be sent to some limited invokers which included in managed invokers as well.

[style95]

This should be reverted.

[ningyougang]

DefaultInvokerServer is already reverted

[style95]

Would be great to support 0:0 case as well.
Ansible is using the same way.

[ningyougang]

Yes, already support 0:0 case.

[codecov-io]

Codecov Report

Merging #4790 into master will decrease coverage by 6.86%.
The diff coverage is 41.78%.

@@            Coverage Diff             @@
##           master    #4790      +/-   ##
==========================================
- Coverage   82.35%   75.49%   -6.87%     
==========================================
  Files         198      199       +1     
  Lines        9021     9123     +102     
  Branches      353      379      +26     
==========================================
- Hits         7429     6887     -542     
- Misses       1592     2236     +644

Impacted Files	Coverage Δ
...la/org/apache/openwhisk/core/invoker/Invoker.scala	71.66% <ø> (-0.47%)	⬇️
.../apache/openwhisk/core/controller/Controller.scala	0% <0%> (ø)	⬆️
...che/openwhisk/core/loadBalancer/LoadBalancer.scala	15.38% <0%> (-1.29%)	⬇️
...e/loadBalancer/ShardingContainerPoolBalancer.scala	73.91% <0%> (-2.93%)	⬇️
...rg/apache/openwhisk/core/entity/ExecManifest.scala	97.36% <100%> (+0.14%)	⬆️
.../scala/org/apache/openwhisk/core/WhiskConfig.scala	94.85% <100%> (+0.03%)	⬆️
.../org/apache/openwhisk/core/connector/Message.scala	77.61% <37.5%> (-2.55%)	⬇️
...e/openwhisk/core/containerpool/ContainerPool.scala	89.04% <44.44%> (-6.61%)	⬇️
...pache/openwhisk/core/invoker/InvokerReactive.scala	78.62% <64.4%> (-1.03%)	⬇️
.../openwhisk/core/invoker/DefaultInvokerServer.scala	75% <75%> (ø)
... and 21 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 394e9f6...12201bb. Read the comment docs.

[ningyougang]

If generate controller/invoker credentials to container's /conf/, the Standalone Tests run failed due to lack /conf/ under the build machine

On the other hand, couchdb credentials is passed via environment variable, so controller/invoker credentials can be passed via environment variable as well.

[ningyougang]

Already added test cases

[rabbah]

The limiting of a runtime to specific invokers is related to how invokers are partitioned for black box vs non-black box invokers (based on a % of active invokers in the system). I suggest splitting out the "limit" feature into a separate PR and having a mechanism for specifying distributions of runtimes to invokers and letting the load balancer calculate the partition.

That isn't powerful enough to when it is desirable to route to a specific invoker - is that a desired feature (vs limiting to a range of invokers active in the system)?

[rabbah]

this completes the https request with status code 200 - is that what was intended?

[ningyougang]

Hi, almost forgot this patch :(
I changed like below

logging.info(this, s"received invalid runtimes manifest")
complete(StatusCodes.BadRequest)

[rabbah]

.error is for internal errors, where here this is user input error, i think .info is better.

[ningyougang]

Already changed to .info

[rabbah]

use

Suggested change

	val pattern = "\\d+:\\d"
	val pattern = """\d+:\d"""

using triple quotes allows you to use a regex without escape characters.

[ningyougang]

Changed

[rabbah]

scala nit: you can use a case match here instead.

[ningyougang]

I just follow other codes using execManifest.isFailure to judge whether success or fail

[rabbah]

is there a later validation to check that the invoker indexing is in range?

[ningyougang]

Yes, validate it in ShardingContainerPoolLoadbalacer.scala

  /** send runtime to invokers*/
  override def sendRuntimeToInvokers(runtime: String, targetInvokers: Option[List[Int]]): Unit = {
    val runtimeMessage = RuntimeMessage(runtime)
    schedulingState.managedInvokers.filter { manageInvoker =>
      targetInvokers.getOrElse(schedulingState.managedInvokers.map(_.id.instance)).contains(manageInvoker.id.instance)
    } foreach { invokerHealth =>
      val topic = s"invoker${invokerHealth.id.toInt}"
      messageProducer.send(topic, runtimeMessage).andThen {
        case Success(_) =>
          logging.info(this, s"Successfully posted runtime to topic $topic")
        case Failure(_) =>
          logging.error(this, s"Failed posted runtime to topic $topic")
      }
    }
  }

[rabbah]

scala nit: you can rewrite this either if/else and nested clauses using case matching on regex.

[ningyougang]

hm.. can you show a example? my codes like below

if (targetValue.matches(pattern)) {
  val invokerArray = targetValue.split(":")
  val beginIndex = invokerArray(0).toInt
  val finishIndex = invokerArray(1).toInt
  if (finishIndex < beginIndex) {
    logging.info(this, "finishIndex can't be less than beginIndex")
    complete(StatusCodes.BadRequest)
  } else {
    val targetInvokers = (beginIndex to finishIndex).toList
    loadBalancer.sendRuntimeToInvokers(runtime, Some(targetInvokers))
    logging.info(this, "config runtime request is already sent to target invokers")
    complete(StatusCodes.BadRequest)
  }
} else {
  logging.info(this, "limit value can't match [beginIndex:finishIndex]")
  complete(StatusCodes.BadRequest)
}

[rabbah]

how will new runtime images get pulled to the invoker nodes? are you assuming they get pulled either via stem-cell "run" or when an action actually runs in the future?

[ningyougang]

When send to reqeust to backend (e.g. curl -u xxx:xxx-X POST http://xxx:xxx:10001/config/runtime), it will pull new runtime image immediately and create prewarm container if the stem-cell > 0.

[rabbah]

i dont think any of these changes are necessary if you read configs through pureconfig.

[ningyougang]

Yes, already deleted.

[rabbah]

why?

[ningyougang]

Just make previous's request handled successfully, because previous is a ansyc operation.

[ningyougang]

@rabbah

The limiting of a runtime to specific invokers is related to how invokers are partitioned for black box vs non-black box invokers (based on a % of active invokers in the system). I suggest splitting out the "limit" feature into a separate PR and having a mechanism for specifying distributions of runtimes to invokers and letting the load balancer calculate the partition.

hm.. this patch just reconfigure the runtime.json(recreate prewarm containers according to passed runtime string), i don't understand what's mean I suggest splitting out the "limit" feature into a separate PR

That isn't powerful enough to when it is desirable to route to a specific invoker - is that a desired feature (vs limiting to a range of invokers active in the system)?

Yes, it is not powerful, so i deleted route to a specific invoker because already have limiting to a range of invokers

[ningyougang]

I changed to complete(StatusCodes.Accepted), because it is a async operation.

[ningyougang]

Add a inner variable laststPrewarmConfig, just make it pointed to the passed config runtime.
Because in this patch: #4698
when received ContainerRemoved(may be prewarm container crashed), it will backfill the prewarm.

[ningyougang]

Rebased.

[ningyougang]

Rebased

[ningyougang]

Support just change specify runtime config as well, e.g.
Let's assume runtimes.json include nodejs:12, python:2, swift4.1, we can change nodejs:12 runtime only via just pass nodejs:12 runtime info, for other runtimes, just use previous runtime info directly.

[codecov-commenter]

Codecov Report

Merging #4790 into master will decrease coverage by 6.56%.
The diff coverage is 50.00%.

@@            Coverage Diff             @@
##           master    #4790      +/-   ##
==========================================
- Coverage   83.56%   76.99%   -6.57%     
==========================================
  Files         201      202       +1     
  Lines        9515     9613      +98     
  Branches      400      415      +15     
==========================================
- Hits         7951     7402     -549     
- Misses       1564     2211     +647     

Impacted Files	Coverage Δ
...che/openwhisk/core/loadBalancer/LoadBalancer.scala	76.92% <0.00%> (-6.42%)	⬇️
...e/loadBalancer/ShardingContainerPoolBalancer.scala	77.71% <0.00%> (-3.08%)	⬇️
...la/org/apache/openwhisk/core/invoker/Invoker.scala	71.66% <ø> (-0.47%)	⬇️
.../apache/openwhisk/core/controller/Controller.scala	45.11% <10.00%> (-9.70%)	⬇️
.../org/apache/openwhisk/core/connector/Message.scala	76.11% <37.50%> (-4.04%)	⬇️
...pache/openwhisk/core/invoker/InvokerReactive.scala	77.86% <64.40%> (-1.79%)	⬇️
...e/openwhisk/core/containerpool/ContainerPool.scala	94.25% <66.66%> (-3.62%)	⬇️
.../openwhisk/core/invoker/DefaultInvokerServer.scala	75.00% <75.00%> (ø)
.../scala/org/apache/openwhisk/core/WhiskConfig.scala	95.00% <100.00%> (+0.03%)	⬆️
...rg/apache/openwhisk/core/entity/ExecManifest.scala	92.15% <100.00%> (+0.32%)	⬆️
... and 22 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 395149d...4157ebc. Read the comment docs.

[rabbah]

I like elements of this PR but the orchestration with the invokers (where it's selective) I think can lead to a situation where the controller has a view of the supported runtimes that is not supported by all the invokers. Don't you then need to inform the scheduler/loadbalancer of this disparity so it can route requests correctly to the supporting invokers?

Or do you envision only changing the stem cell configurations, and not the content of the runtimes manifest otherwise?

[rabbah]

You can use akka.http.scaladsl.model.headers.BasicHttpCredentials instead of creating this class.

[rabbah]

I see later this is created to read/load the configuration - it might still work with BasicHttpCredentials because it's case class with the same fields.

[rabbah]

why not use the method above and set the manifestOverride to Some(...) at the call site?

[ningyougang]

Yes, you are right, updated accordingly.

[rabbah]

this is incorrect - the reason we do the assignment to manifest on line 57 is to set the singleton. Here, this has no effect because the variable is local.

[ningyougang]

I already changed to use existed initialize method.

[rabbah]

I think you can do as json object instead of string to tighten this a bit more. I agree not to deserialize into a Runtimes instance.

[rabbah]

you can use as authentication directive which will automatically check the credentials and reject the request. This is OK just making an observation.

[codecov-io]

Codecov Report

Merging #4790 (edefa8a) into master (d8cf172) will decrease coverage by 7.66%.
The diff coverage is 20.80%.

@@            Coverage Diff             @@
##           master    #4790      +/-   ##
==========================================
- Coverage   81.81%   74.15%   -7.67%     
==========================================
  Files         204      212       +8     
  Lines        9950    10319     +369     
  Branches      447      435      -12     
==========================================
- Hits         8141     7652     -489     
- Misses       1809     2667     +858     

Impacted Files	Coverage Δ
.../org/apache/openwhisk/core/connector/Message.scala	71.32% <0.00%> (-2.12%)	⬇️
...che/openwhisk/core/loadBalancer/LoadBalancer.scala	71.42% <0.00%> (-5.50%)	⬇️
...e/loadBalancer/ShardingContainerPoolBalancer.scala	77.71% <0.00%> (-3.08%)	⬇️
...la/org/apache/openwhisk/core/invoker/Invoker.scala	69.35% <ø> (-0.49%)	⬇️
.../apache/openwhisk/core/controller/Controller.scala	45.52% <12.90%> (-9.29%)	⬇️
...e/openwhisk/core/containerpool/ContainerPool.scala	87.45% <16.12%> (-9.36%)	⬇️
...pache/openwhisk/core/invoker/InvokerReactive.scala	52.63% <26.47%> (-27.37%)	⬇️
.../openwhisk/core/invoker/DefaultInvokerServer.scala	44.44% <44.44%> (ø)
.../scala/org/apache/openwhisk/core/WhiskConfig.scala	95.51% <100.00%> (+0.11%)	⬆️
...core/database/cosmosdb/RxObservableImplicits.scala	0.00% <0.00%> (-100.00%)	⬇️
... and 42 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d8cf172...edefa8a. Read the comment docs.

[style95]

@ningyougang I want to check if you want to continue this PR.

[codecov-commenter]

Codecov Report

Attention: Patch coverage is 40.00000% with 75 lines in your changes missing coverage. Please review.

Project coverage is 75.06%. Comparing base (d8cf172) to head (edefa8a).
Report is 227 commits behind head on master.

Files with missing lines	Patch %	Lines
.../apache/openwhisk/core/controller/Controller.scala	12.90%	27 Missing ⚠️
...pache/openwhisk/core/invoker/InvokerReactive.scala	50.00%	17 Missing ⚠️
...e/openwhisk/core/containerpool/ContainerPool.scala	58.06%	13 Missing ⚠️
...e/loadBalancer/ShardingContainerPoolBalancer.scala	0.00%	7 Missing ⚠️
.../org/apache/openwhisk/core/connector/Message.scala	37.50%	5 Missing ⚠️
.../openwhisk/core/invoker/DefaultInvokerServer.scala	44.44%	5 Missing ⚠️
...che/openwhisk/core/loadBalancer/LoadBalancer.scala	0.00%	1 Missing ⚠️

❗ There is a different number of reports uploaded between BASE (d8cf172) and HEAD (edefa8a). Click for more details.

HEAD has 16 uploads less than BASE

Flag	BASE (d8cf172)	HEAD (edefa8a)
	21	5

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #4790      +/-   ##
==========================================
- Coverage   82.10%   75.06%   -7.04%     
==========================================
  Files         211      212       +1     
  Lines       10215    10319     +104     
  Branches      450      435      -15     
==========================================
- Hits         8387     7746     -641     
- Misses       1828     2573     +745     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.