This change is 

Hi @wongma7. Thanks for your PR.

I'm waiting for a kubernetes member to verify that this patch is reasonable to test. If it is, they should reply with @k8s-bot ok to test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

@wongma7 Thanks for fixing the issue. Your approach should work, I just has one small concern. If we put allSources.Ready check before loop though the pod list to populate desired state, it might delay the reconciler to start mount the volumes. In case of some error and allSources becomes ready after a long period, desiredStatePopulator will not process any pods and their volumes.

I am thinking maybe we could put allSourcesReady check in the HasAddedPods function. This function will return true only if allSourceReady and populator finishes looping the pod list. In populatorLoopFunc, hasAddedPods is set to false at the begining, and change to true at the end of the function.

@jingxu97 in my testing, checking allSourcesReady in HasAddedPods still doesn't guarantee that the desired state of world is ready before reconciler's reconstruction. The timing is quite tight, see this example:

I0424 11:48:09.384200 19213 volume_manager.go:241] The desired_state_of_world populator starts
I0424 11:48:14.399392 19213 reconciler.go:153] Desired state of world has been populated with pods, starting reconstruct state function
I0424 11:48:14.400094 19213 reconciler.go:483] Reconciler sync states: could not find pod information in desired or actual states or pending operation, update it in both states: &{volumeName:kubernetes.io/aws-ebs/aws://us-east-1d/vol-06425954fe553e31d podName:2d103d0c-2905-11e7-ae76-0e06794f72a4 volumeSpec:0xc421083280 outerVolumeSpecName:pvc-291faaf2-2905-11e7-ae76-0e06794f72a4 pod:0xc421ba7200 pluginIsAttachable:true volumeGidValue: devicePath: reportedInUse:false mounter:0xc421babbc0}
I0424 11:48:14.404771 19213 desired_state_of_world_populator.go:286] Added volume "dynamic" (volSpec="pvc-291faaf2-2905-11e7-ae76-0e06794f72a4") for pod "2d103d0c-2905-11e7-ae76-0e06794f72a4" to desired state.

It's like this:

1. Start kubelet
2. The populator runs multiple times, but probably doesn't find any pods because sources aren't ready. After x run, HasAddedPods returns true because sources are ready and the populator loop has run many times already. Now that sources are ready, the populator will surely find all pods in the next loop, 100 ms later, but chances are, up until now it hasn't found any pods.
3. Reconciler is running on the same 100 ms period. It now sees HasAddedPods return true and so runs. But DSW doesn't have all the pods, so some volumes in ASW get wrong information.
4. Populator runs again and finds pods because sources are ready. This is only <100 ms too late, but still too late, ASW has the wrong information.

I think to avoid a long delay, we could add a 15 seconds timeout where the populator must run if allSourcesReady has not happened by then. And then the reconciler reconstruction should only run after the populator has run once when sources were ready. Let me update the patch...

@jingxu97 patch updated, PTAL.

I made it so desired state of world populator is not blocked by sources.AllReady as recommended. I didn't change the HasAddedPods function because as I said in my testing that didn't work out, instead I changed how 'dswp.hasAddedPods' gets set: do it right after the populator has run with all ready sources.

Just a small comment, otherwise lgtm.
Thanks for the fix!

@jingxu97 I don't see your comment, could you try submitting it again? Thanks : )

/unassign

I've updated the patch, *** PTAL.

With the addition of the lock, things got a tad more complicated so I reworked the patch to be absolutely clear about what it's doing. The populator needs to set hasAddedPods only once, then it's done touching that variable and can resume normal operation. Similarly, the reconciler needs to check hasAddedPods only once, then it's done and can resume.

@jingxu97 ping, PTAL when you get a chance :) The spirit of the patch is the same, I just tried to make it clearer & safer prompted by the comments. @saad-ali can you please /approve this PR, you are the only approver in this directory and for some reason the bot decided to pick on somebody from a parent dir.

I would like to get this cherry-picked into 1.6.3 once it's good to go, it is trivial to reproduce and leads to really bad UX IMO

please re-add lgtm, (bazel) tests should pass now, thank you!

/lgtm

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: jingxu97, saad-ali, wongma7

@k8s-bot bazel test this
W0510 00:49:48.944] fatal: Unable to create '/root/.cache/git/k8s.io/kubernetes/index.lock': File exists.

@wongma7: you can't request testing unless you are a kubernetes member.

@k8s-bot bazel test this

Automatic merge from submit-queue (batch tested with PRs 45382, 45384, 44781, 45333, 45543)

@wongma7 could you cherrypick the PR to 1.5 and 1.6?

Removing label cherrypick-candidate because no release milestone was set. This is an invalid state and thus this PR is not being considered for cherry-pick to any release branch. Please add an appropriate release milestone and then re-add the label.

/release-note

Am I reading correctly that the cherry-pick back into Kube 1.6 failed?

So should I expect to see this in Kube 1.7 but no earlier?

It was cherry picked to 1.5 and 1.6 both, not sure the exact .z patch number

Oh? The "Merge pull request" for 1.6 has a red X with hover text "Failure: k8s-merge-robot needs CLA" -- was that a transient issue, and Github simply doesn't update the status to remove the failure text, then?

Update -- I see the changelog citing this PR here -- https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.6.md#v165

Fair enough. Filing a fresh ticket shortly...