DRA kubelet: add dra_resource_claims_in_use gauge vector

[pohly]

What type of PR is this?

/kind feature

What this PR does / why we need it:

The new metric informs admins whether DRA in general (empty "driver_name" label) and/or specific DRA drivers (label non-empty) are in use on nodes. This is useful to know because removing a driver is only safe if it is not in use. If a driver gets removed while it has prepared a ResourceClaim, unpreparing that ResourceClaim and stopping pods is blocked.

Which issue(s) this PR fixes:

Slack discussion: https://kubernetes.slack.com/archives/C0409NGC1TK/p1746168044475379?thread_ts=1746001550.655339&cid=C0409NGC1TK
Related-to: kubernetes/enhancements#4381 (GA?)

Special notes for your reviewer:

The unit tests check that metrics get calculated. The e2e_node test checks that kubelet really exports the metrics data.

While at it, some bugs in the claiminfo_test.go get fixed: the way how the cache got populated in the test did not match the code anymore.

Let's review this proposal, then document it as part of the 1.34 KEP update before merging the implementation.

/hold
/assign @bart0sh

Does this PR introduce a user-facing change?

The new `dra_resource_claims_in_use` kubelet metrics informs about active ResourceClaims, overall and by driver.

[pohly]

I moved this method unchanged because it was odd that most of the ClaimInfo methods were above, except for this one which came after the claimInfoCache methods.

[pohly]

The proposal in this PR is to use the label driver_name="" to represent "claims in use regardless of the driver". It is debatable whether the empty string or some other special string is better.

We could also use <any> or <all> because those are not valid driver names and thus wouldn't clash with the per-driver vectors.

Thoughts?

cc @dgrisonnet

[bart0sh]

I'd vote for <any>. it looks much more explicit than "" to me.

[pohly]

This is an e2e_node test because it is easier to get the kubelet metrics there.

If that could be done also in an E2E test, then putting the test there would be more appropriate. The test doesn't really depend on the kubelet configuration and E2E tests are easier to run.

[ArangoGutierrez]

Non blocking comments

[pohly]

e2e-kind failed because of #131748.

[pohly]

This triggers

ERROR: Some files are importing packages under github.com/prometheus/* but are not allow-listed to do so.

See: https://github.com/kubernetes/kubernetes/issues/89267

Failing files:
  ./test/e2e_node/dra_test.go

It is how some other code is checking metrics.

@dgrisonnet @richabanker: is this one of those cases where it's okay to extend the allow list? Or is there a different way of checking for the expected outcome?

[richabanker]

Seems like we have allowed to extend the allow list in the past, ref so I guess we can just do that now? Regarding the usage, I see similar usage of the model package in the codebase to verify the metrics data so should be fine? cc @serathius - the author of the linked issue if he has any ideas on how to avoid importing the package here.

[richabanker]

Alternatively maybe you could try to create a map representation (map[string]float64) of the vector where the key is the driver_name and the value is the metric value. And then use something like this for verifying the values?

claimsInUse := convertVectorToMap(metrics, "dra_resource_claims_in_use")
gomega.Expect(claimsInUse).Should(gstruct.MatchKeys(gstruct.IgnoreExtras, gstruct.Keys{
	"":                   gomega.BeEquivalentTo(1),
	kubeletPlugin1Name: gomega.BeEquivalentTo(1),
	kubeletPlugin2Name: gomega.BeEquivalentTo(1),
}), "metrics while pod is running")

[pohly]

That feels like a workaround. I prefer adding a type alias in k8s.io/component-base/metrics/testutil: that package is geared towards use in tests, and already defines a type which directly exposes model.Sample, so letting consumers of that package also use that type directly seems fair. The code already depends on it anyway.

In other words, this was possible before:

var metrics testutils.Metrics
metrics = ...
samples := metrics["dra_resource_claims_in_use"]
sample := samples[0]

It should also be possible to write:

var sample *testutil.Sample
sample = samples[0]

I suppose some of the importers under

kubernetes/hack/verify-prometheus-imports.sh

Lines 72 to 79 in 3196c99

	./test/e2e/apimachinery/flowcontrol.go
	./test/e2e_node/mirror_pod_grace_period_test.go
	./test/e2e/node/pods.go
	./test/e2e_node/resource_metrics_test.go
	./test/instrumentation/main_test.go
	./test/integration/apiserver/flowcontrol/concurrency_test.go
	./test/integration/apiserver/flowcontrol/concurrency_util_test.go
	./test/integration/metrics/metrics_test.go

could use the same approach, but I haven't checked.

For now I have added the type aliases to this PR and use them in dra_test.go.

[pohly]

This logging doesn't have unit tests at the moment.

@bart0sh: do you find this useful? Shall I keep and test it or remove it?

[bart0sh]

It looks useful for me.

[pohly]

So let's keep it. I added tests for it.

[pohly]

This is up for debate, see #131641 (comment)

[richabanker]

/lgtm

from metrics POV

[k8s-ci-robot]

LGTM label has been added.

Git tree hash: 6d2c680c8f98146a7955c1944695f54b7cee1fba

[pohly]

@richabanker: can you also approve? It's needed for component-base/metrics.

[richabanker]

/approve

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: pohly, richabanker
Once this PR has been reviewed and has the lgtm label, please assign klueska for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• pkg/kubelet/cm/OWNERS
• pkg/kubelet/metrics/OWNERS
• staging/src/k8s.io/component-base/metrics/OWNERS [richabanker]
• test/e2e_node/OWNERS [pohly]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[pohly]

@bart0sh: LGTM to you for SIG Node and DRA?

I'll put it into a KEP update before merging, so we will get additional eyes on the proposal later.

[bart0sh]

Have you considered making a separate structure for collector? Why do you think embedding is better?

[pohly]

This seemed simpler. I can move it to a separate struct and then we can compare.

[pohly]

Pushed. I want to amend commits before we merge, so:
/hold

[bart0sh]

Up to you. I just thought that it might look a bit clearer if it's separated.

[pohly]

Does it? I don't have a strong opinion, both seem fine to me.

[bart0sh]

I like it better due to a bit better separation of concerns. That's why I lgtm-ed the PR.

[bart0sh]

Would it make sense to lock in the ClaimsInUse?

[pohly]

You mean in the cache.claimsInUse() call?

That needs to support being called with the lock already held for the usage in claimInfoCache.withLock. I could provide claimsInUse and claimsInUseWithLock, but I think letting the caller handle the locking is simpler.

[bart0sh]

ok, thanks for the explanations, let's keep it as is.

[bart0sh]

pull-kubernetes-node-e2e-crio-cgrpv1-dra failure seems to be related to this PR.

[bart0sh]

/triage accepted
/lgtm

@pohly Feel free to unhold after CI failures fixed.

[k8s-ci-robot]

LGTM label has been added.

Git tree hash: 2dec57a3e52b9747f6b07cca8930e236fc904ff3

[k8s-ci-robot]

New changes are detected. LGTM label has been removed.

[k8s-ci-robot]

PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.