[DSIP-17122][SERVER] Kubernetes Connection Pool Implementation

[Cat-Drink]

Purpose of the pull request

This pull request introduces support for the Kubernetes client connection pool, optimizing the interaction performance and resource management between Apache DolphinScheduler and Kubernetes clusters. By maintaining a reuse mechanism for client connections, this feature significantly reduces the overhead caused by frequent creation and destruction of Kubernetes clients, thereby improving the overall efficiency and stability of the system.

Brief change log

• Core Backend Implementation: Added the KubernetesClientPool class, which implements a singleton-pattern connection pool manager to maintain an independent connection pool for each Kubernetes cluster.
• Connection Pool Configuration: Implemented the PoolConfig inner class, which supports configuration items such as minimum idle connections, maximum idle connections, maximum connections, maximum waiting time, and idle timeout. These configurations can be customized through properties in TaskConstants.
• Cluster Connection Pool: Implemented the ClusterClientPool inner class, which is responsible for managing client connections of specific clusters, including the creation, acquisition, return, and closure of connections.
• Idle Connection Cleanup: Added a periodic cleanup thread that executes the cleanupIdleClients method every 30 seconds to clear timed-out idle connections, effectively saving resources.
• Cluster Identification: Implemented a cluster identification generation mechanism based on kubeconfig, using the SHA-256 algorithm to generate a unique identifier for each cluster.
• Client Validation: Added the isClientValid method to ensure that the returned client connection remains valid.
• Integration into Utility Classes: Updated utility classes such as K8sUtils and KubernetesApplicationManager to enable them to acquire and return clients using the connection pool.

Verify this pull request

This change includes comprehensive test cases and can be verified through the following methods:

Automated Testing

• Basic Functionality Test: KubernetesClientPoolTest.testKubernetesClientPoolBasicFunction verifies the basic operations of the connection pool (acquiring cluster ID, obtaining client, returning client, and closing the connection pool).
• Configuration Test: KubernetesClientPoolTest.testKubernetesClientPoolConfig verifies the correctness of connection pool configurations.
• Cluster ID Generation Test: KubernetesClientPoolTest.testClusterIdGeneration verifies the function of generating a unique cluster identifier based on kubeconfig.
• Singleton Pattern Test: KubernetesClientPoolTest.testSingletonPattern verifies the singleton pattern implementation of the connection pool.
• Concurrent Access Test: Verifies the thread safety and stability of the connection pool in a multi-threaded environment.
• Timeout Handling Test: KubernetesClientPoolTest.testClusterClientPoolBorrowObjectTimeout verifies the handling mechanism for client acquisition timeouts.
• Idle Connection Cleanup Test: KubernetesClientPoolTest.testCleanupIdleClients and KubernetesClientPoolTest.testClusterClientPoolCleanupIdle verify the periodic cleanup function of idle connections.

Manual Verification Steps

1. Ensure that appropriate connection pool parameters (such as k8s.client.pool.max.size) are set in the configuration file.
2. Submit multiple Kubernetes tasks to different clusters.
3. Check the logs to verify whether the connection pool correctly creates and manages client connections.
4. Monitor system resource usage to verify whether the connection pool effectively reduces the overhead caused by connection creation and destruction.

Pull Request Notice

Pull Request Notice

If your pull request contains incompatible change, you should also add it to docs/docs/en/guide/upgrade/incompatible.md

[boring-cyborg]

Thanks for opening this pull request! Please check out our contributing guidelines. (https://github.com/apache/dolphinscheduler/blob/dev/docs/docs/en/contribute/join/pull-request.md)

[SbloodyS]

This pr's title and DSIP-88 are no related. Please modify the correct title and with full design detail and description. @Cat-Drink

[Cat-Drink]

PTAL‌

[SbloodyS]

It's better to use constants here.

[SbloodyS]

It's better to use constants here.

[SbloodyS]

It's better to use constants here.

[SbloodyS]

Suggested change

// every 30s

[SbloodyS]

Using @Getter here.

[SbloodyS]

Suggested change

log.error(e.getMessage());

[SbloodyS]

Suggested change

// if Exception happen

[SbloodyS]

Suggested change

	log.error(e.getMessage());
	log.error("k8s task executor running error: ", e);

[SbloodyS]

Please avoid using chinese.

[SbloodyS]

These params should add to docs and guide user how to use it.

[SbloodyS]

This pr's title and DSIP-88 are no related.

BTW, this is still unaddressed.

[ruanwenjun]

This log seems meaningless.

[Copilot]

Pull Request Overview

This PR introduces a Kubernetes client connection pool (KubernetesClientPool) to manage K8s client connections efficiently across multiple clusters. The changes replace the previous approach of creating individual clients and caching them per task with a robust pooling mechanism that supports connection reuse, lifecycle management, and automatic cleanup of idle connections.

Key Changes

• Implements a new KubernetesClientPool singleton with per-cluster connection pooling
• Refactors K8sUtils to use the connection pool instead of instance-level clients
• Updates KubernetesApplicationManager to retrieve clients from the pool and return them after use
• Removes the removeK8sClientCache method from ProcessUtils as caching is now handled by the pool
• Adds comprehensive test coverage for the new pooling functionality

Reviewed Changes

Copilot reviewed 13 out of 13 changed files in this pull request and generated 9 comments.

Show a summary per file

File	Description
KubernetesClientPool.java	New connection pool implementation with cluster-based pooling, idle cleanup, and configurable limits
K8sUtils.java	Refactored to use connection pool; all methods now accept configYaml parameter and properly return clients
KubernetesApplicationManager.java	Updated to use connection pool instead of per-task client caching
K8sTaskExecutor.java	Modified to pass configYaml to K8sUtils methods and removed client build calls
ProcessUtils.java	Removed removeK8sClientCache method
TaskConstants.java	Added configuration constants for pool sizing and timeouts
KubernetesClientPoolTest.java	Comprehensive test suite for connection pool functionality
K8sUtilsTest.java	New tests for refactored K8sUtils methods
KubernetesApplicationManagerTest.java	Tests for application manager with connection pool
K8sTaskExecutorTest.java	Updated tests with proper mocking for connection pool usage
configuration.md (en/zh)	Documentation for new connection pool configuration parameters

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Chinese comment should be removed or translated to English. The comment '拦截所有使用静态方法的请求' (intercept all requests using static methods) is inconsistent with the rest of the codebase which uses English comments.

Suggested change

	mockedKubernetesClientPool = Mockito.mockStatic(KubernetesClientPool.class); // 拦截所有使用静态方法的请求
	mockedKubernetesClientPool = Mockito.mockStatic(KubernetesClientPool.class); // Intercept all requests using static methods

[Copilot]

The method signature changed from throws Exception to no exception declaration, but the method body still contains try-catch blocks that catch Exception. This is a breaking API change that could affect callers expecting to handle exceptions. The removed exception should either be kept in the signature or properly handled/logged in all code paths.

Suggested change

	public TaskResponse run(String k8sParameterStr) {
	public TaskResponse run(String k8sParameterStr) throws Exception {

[Copilot]

Typo in comment: 'tes client' should be 'the client'.

Suggested change

	// Retrieve watchList again, as the previous instance of tes client connection pool may have expired
	// Retrieve watchList again, as the previous instance of the client connection pool may have expired

[Copilot]

The fallback cluster ID generation using hashCode() can produce negative values, which could cause issues. Although line 170 in KubernetesApplicationManager uses hashCode & 0x7FFFFFFF to ensure non-negative values, this fallback in KubernetesClientPool doesn't apply the same mask, creating inconsistency in cluster ID generation.

Suggested change

	return Integer.toString(kubeConfig.hashCode());
	return Integer.toString(kubeConfig.hashCode() & 0x7FFFFFFF);

[Copilot]

The cluster ID generation logic is duplicated between KubernetesApplicationManager.getClusterId() and KubernetesClientPool.getClusterId(). These methods use different algorithms (SHA-256 in the pool vs hashCode in the manager), which will produce different cluster IDs for the same kubeConfig. This inconsistency will prevent proper client pooling and cause connection leaks.

[Copilot]

The comment indicates the client is not returned immediately and the caller should manage the lifecycle, but the client is obtained in the try block (line 97) and logged in the finally block (line 106-109) without actually being returned to the pool. This will cause a client connection leak as the client remains borrowed but is never returned.

[Copilot]

Similar to the issue in K8sUtils.createBatchJobWatcher, the client obtained in getPodLogWatcher (line 263) is not returned to the pool in the finally block. The debug message suggests it's intentional, but this creates a connection leak as there's no guarantee the caller will properly return the client after the watch completes.

Suggested change

	return client.pods().inNamespace(pod.getMetadata().getNamespace())
	.withName(pod.getMetadata().getName())
	.inContainer(kubernetesApplicationManagerContext.getContainerName())
	.watchLog();
	} finally {
	log.debug("Log watch client is not returned immediately, will be managed by caller after watch completes");
	}
	}
	LogWatch logWatch = client.pods().inNamespace(pod.getMetadata().getNamespace())
	.withName(pod.getMetadata().getName())
	.inContainer(kubernetesApplicationManagerContext.getContainerName())
	.watchLog();
	return new ClientReturningLogWatch(logWatch, client, kubernetesApplicationManagerContext);
	} catch (Exception e) {
	if (client != null) {
	KubernetesClientPool.returnClient(kubernetesApplicationManagerContext, client);
	}
	throw e;
	}
	}
	/**
	* Wrapper for LogWatch that returns the client to the pool when closed.
	*/
	private static class ClientReturningLogWatch implements LogWatch {
	private final LogWatch delegate;
	private final KubernetesClient client;
	private final KubernetesApplicationManagerContext context;
	private boolean closed = false;
	public ClientReturningLogWatch(LogWatch delegate, KubernetesClient client, KubernetesApplicationManagerContext context) {
	this.delegate = delegate;
	this.client = client;
	this.context = context;
	}
	@Override
	public void close() {
	if (!closed) {
	try {
	delegate.close();
	} finally {
	KubernetesClientPool.returnClient(context, client);
	closed = true;
	}
	}
	}
	@Override
	public java.io.InputStream getOutput() {
	return delegate.getOutput();
	}
	@Override
	public java.io.InputStream getError() {
	return delegate.getError();
	}
	}

[Copilot]

Variable 'KubernetesClient client1' is never read.

Suggested change

	KubernetesClient client1 = (KubernetesClient) borrowObjectMethod.invoke(clusterClientPool);
	KubernetesClient client2 = (KubernetesClient) borrowObjectMethod.invoke(clusterClientPool);
	borrowObjectMethod.invoke(clusterClientPool);
	borrowObjectMethod.invoke(clusterClientPool);

[Copilot]

Variable 'KubernetesClient client2' is never read.

Suggested change

	KubernetesClient client2 = (KubernetesClient) borrowObjectMethod.invoke(clusterClientPool);
	borrowObjectMethod.invoke(clusterClientPool);

[wangxj3]

this is a new newWatchList?

[Cat-Drink]

yes, it is a newWatchList

[sonarqubecloud]

Quality Gate passed

Issues
74 New issues
0 Accepted issues

Measures
0 Security Hotspots
75.4% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud