Karpenter and kube-scheduler Hangs for ~5m when Deleting a StatefulSet PVC

[jonathan-innis]

Description

Observed Behavior:

I'm testing the behavior of #1018 and validating how Karpenter handles node rolling when the Node Cleanup Controller is responsible for deleting PVCs and PVs from a node that is using NVME storage. The behavior that I'm seeing is that Karpenter is rolling the pods onto the new nodes, but when the new nodes come up, it takes the node cleanup controller a little bit of time to fully delete the PVCs/PVs from the old node (since it's doing the cleanup on a poll).

When it finally does delete the PVCs, Karpenter begins reporting the following error: "ignoring pod, getting persistent volume claim \"www-web-1\", PersistentVolumeClaim \"www-web-1\" not found". It does so correctly and should do so until the pod gets a replacement PVC from the stateful set controller. However, once the PVC is re-created by the statefulset controller, Karpenter still doesn't see that this pod is schedulable and waits around for ~5m before it begins launching a pod for the node.

There is no log on Karpenter's side that indicates why it is ignoring the pod or why it is not launching a node.

{"level":"DEBUG","time":"2024-02-19T20:11:02.842Z","logger":"controller.disruption","message":"ignoring pod, getting persistent volume claim \"www-web-2\", PersistentVolumeClaim \"www-web-2\" not found","commit":"3a8dd3a","pod":"default/web-2"}
{"level":"DEBUG","time":"2024-02-19T20:11:02.864Z","logger":"controller.disruption","message":"ignoring pod, getting persistent volume claim \"www-web-2\", PersistentVolumeClaim \"www-web-2\" not found","commit":"3a8dd3a","pod":"default/web-2"}
{"level":"DEBUG","time":"2024-02-19T20:11:04.752Z","logger":"controller.provisioner","message":"ignoring pod, getting persistent volume claim \"www-web-2\", PersistentVolumeClaim \"www-web-2\" not found","commit":"3a8dd3a","pod":"default/web-2"}
{"level":"DEBUG","time":"2024-02-19T20:11:14.752Z","logger":"controller.provisioner","message":"ignoring pod, getting persistent volume claim \"www-web-2\", PersistentVolumeClaim \"www-web-2\" not found","commit":"3a8dd3a","pod":"default/web-2"}
{"level":"DEBUG","time":"2024-02-19T20:11:43.031Z","logger":"controller.disruption","message":"discovered subnets","commit":"3a8dd3a","subnets":["subnet-006396cb4eae056f1 (us-west-2b)","subnet-0c31672d8f3da27ee (us-west-2b)","subnet-0e8ac99bc70aa8051 (us-west-2d)","subnet-068b2a87ec024682c (us-west-2d)","subnet-0f03dba293533e055 (us-west-2a)","subnet-0ff6eb107cd458d60 (us-west-2a)"]}
{"level":"DEBUG","time":"2024-02-19T20:11:49.218Z","logger":"controller","message":"deleted launch template","commit":"3a8dd3a","id":"lt-0747043e0ede53f50","name":"karpenter.k8s.aws/2974937103651069208"}
{"level":"ERROR","time":"2024-02-19T20:12:54.413Z","logger":"controller.nodeclaim.consistency","message":"check failed, expected 234 of resource pods, but found 110 (47.0% of expected)","commit":"3a8dd3a","nodeclaim":"default-wcpwn"}
{"level":"INFO","time":"2024-02-19T20:16:24.258Z","logger":"controller.provisioner","message":"found provisionable pod(s)","commit":"3a8dd3a","pods":"default/web-2","duration":"5.775834ms"}

Expected Behavior:

Karpenter should react to schedule the pod as soon as the pod shows that it can be schedulable.

Reproduction Steps (Please include YAML):

nvme-testing.tar.gz

Versions:

• Chart Version: v0.34.0
• Kubernetes Version (kubectl version): 1.29

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

[jonathan-innis]

Here's an example of the kube-scheduler sitting here hanging in a pending state when there are nodes available and Karpenter thinks that the pod should schedule (and it should).

➜  karpenter-provider-aws git:(main) k get pods -A
NAMESPACE     NAME                                                     READY   STATUS    RESTARTS   AGE
default       local-volume-node-cleanup-controller-78767bc5c4-bmvwd    1/1     Running   0          5h7m
default       release-name-local-static-provisioner-7qxq2              1/1     Running   0          2m13s
default       release-name-local-static-provisioner-m2h5r              1/1     Running   0          2m56s
default       web-0                                                    0/1     Pending   0          100s
default       web-1                                                    1/1     Running   0          2m50s

➜  karpenter-provider-aws git:(main) k describe pod -n default       web-0
Name:             web-0
Namespace:        default
Priority:         0
Service Account:  default
Node:             <none>
Labels:           app=nginx
                  apps.kubernetes.io/pod-index=0
                  controller-revision-hash=web-5f69958999
                  statefulset.kubernetes.io/pod-name=web-0
Annotations:      <none>
Status:           Pending
IP:               
IPs:              <none>
Controlled By:    StatefulSet/web
Containers:
  nginx:
    Image:        registry.k8s.io/nginx-slim:0.8
    Port:         80/TCP
    Host Port:    0/TCP
    Environment:  <none>
    Mounts:
      /usr/share/nginx/html from www (rw)
      /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-xt9rk (ro)
Conditions:
  Type           Status
  PodScheduled   False 
Volumes:
  www:
    Type:       PersistentVolumeClaim (a reference to a PersistentVolumeClaim in the same namespace)
    ClaimName:  www-web-0
    ReadOnly:   false
  kube-api-access-xt9rk:
    Type:                    Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds:  3607
    ConfigMapName:           kube-root-ca.crt
    ConfigMapOptional:       <nil>
    DownwardAPI:             true
QoS Class:                   BestEffort
Node-Selectors:              <none>
Tolerations:                 node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
                             node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Events:
  Type     Reason            Age   From               Message
  ----     ------            ----  ----               -------
  Warning  FailedScheduling  107s  default-scheduler  0/16 nodes are available: 1 node(s) had untolerated taint {karpenter.sh/disruption: disrupting}. preemption: 0/16 nodes are available: 1 Preemption is not helpful for scheduling, 15 No preemption victims found for incoming pod..
  Normal   Nominated         106s  karpenter          Pod should schedule on: nodeclaim/default-897jf, node/ip-192-168-103-34.us-west-2.compute.internal

➜  karpenter-provider-aws git:(main) k get pvc -A
NAMESPACE    NAME                                STATUS    VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   AGE
default      www-web-0                           Pending                                                                        k8s-disks      117s
default      www-web-1                           Bound     local-pv-ef11af16                          279Gi      RWO            k8s-disks      3m9s

➜  karpenter-provider-aws git:(main) k get pv
NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS        CLAIM                                          STORAGECLASS   REASON   AGE
local-pv-6623f7d1                          279Gi      RWO            Delete           Available                                                    k8s-disks               3m57s
local-pv-71cc7caa                          279Gi      RWO            Delete           Available                                                    k8s-disks               3m57s
local-pv-97fa2c11                          279Gi      RWO            Delete           Available                                                    k8s-disks               4m40s
local-pv-ef11af16                          279Gi      RWO            Delete           Bound         default/www-web-1                              k8s-disks               4m40s

➜  karpenter-provider-aws git:(main) k get nodes -l karpenter.sh/nodepool=default
NAME                                           STATUS   ROLES    AGE     VERSION
ip-192-168-103-34.us-west-2.compute.internal   Ready    <none>   4m45s   v1.28.5-eks-5e0fdde
ip-192-168-118-53.us-west-2.compute.internal   Ready    <none>   5m27s   v1.28.5-eks-5e0fdde

[jonathan-innis]

Looking deeper at the kube-scheduler logs, I see "Updated PersistentVolume with claim. Waiting for binding to complete" pod="default/web-2" PV="local-pv-4e9780eb" PVC="default/www-web-2" after 5m. Not sure if there is something going on with the new PVC that is preventing the pod from finishing its bind and scheduling.

[k8s-triage-robot]

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue as fresh with /remove-lifecycle stale
• Close this issue with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

[jmdeal]

/remove-lifecycle stale

[k8s-triage-robot]

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue as fresh with /remove-lifecycle stale
• Close this issue with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

[k8s-triage-robot]

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue as fresh with /remove-lifecycle rotten
• Close this issue with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

[k8s-triage-robot]

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Reopen this issue with /reopen
• Mark this issue as fresh with /remove-lifecycle rotten
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close not-planned

[k8s-ci-robot]

@k8s-triage-robot: Closing this issue, marking it as "Not Planned".

In response to this:

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Reopen this issue with /reopen
• Mark this issue as fresh with /remove-lifecycle rotten
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/close not-planned

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[pkit]

Why the f it is closed??
Karpenter is not usable for stateful sets at all.

Warning  FailedAttachVolume  4m37s  attachdetach-controller  Multi-Attach error for volume "pvc-bafe9e7c-7039-4868-b4f0-54f61ac63548" Volume is already exclusively attached to one node and can't be attached to another

It's a full stop issue!

[jonathan-innis]

/reopen

[k8s-ci-robot]

@jonathan-innis: Reopened this issue.

In response to this:

/reopen

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[jonathan-innis]

Karpenter is not usable for stateful sets at all.

@pkit Can you describe the specific case that you are running into? Like the step-by-step of what is happening? Karpenter is trying to roll the nodes with stateful sets and it's not able to reschedule the pods?

[pkit]

@jonathan-innis yes. It tries to roll out a new SS (for example image upgrade)
Because it needs to start up a new node and shutdown the old node (nodes are sized to fit one pod) it does so in a way that new nodes are stuck in "Multi-Attach error" for 5-6 min.
And that happens almost every time on a loaded system (I suspect some timeout issues).

It's kinda ok if nodes in your SS are "replicated", but if the nodes are shards it leads to essentially 5 min of unavailability.
I'm ok with seconds of unavailability (otherwise I would write support for replication into our services) but creating support for replication just because of this problem looks like a bad idea.
I've rolled out a new eks with 1.31 and karpenter 1.0.8 (people said it doesn't do it anymore) but it will take some time to test the scenarios.

[engedaam]

/triage needs-information
/triage accepted
/remove-lifecycle rotten
/assign @jmdeal

[github-actions]

This issue has been inactive for 14 days. StaleBot will close this stale issue after 14 more days of inactivity.

[prad9192]

Noticing this issue, when we already have few uneven nodes bootstrapped in three zones, apply the below stateful set to replicate the issue. I understand that all the 10 stateful sets share the same matching label for topologySpreadConstraints, but that should not affect the behavior.

Nodepool for your Nodeclass

cat <<EOF | k apply -f -
apiVersion: karpenter.sh/v1
kind: NodePool
metadata:
  name: general-007
spec:
  disruption:
    budgets:
      - nodes: 10%
    consolidateAfter: 0s
    consolidationPolicy: WhenEmptyOrUnderutilized
  limits:
    cpu: 10k
    memory: 10000Gi
  template:
    metadata:
      labels:
        affinity: general-007
    spec:
      expireAfter: Never
      nodeClassRef:
        group: karpenter.k8s.aws
        kind: EC2NodeClass
        name: <REPLACE YOUR NODECLASS>
      requirements:
        - key: karpenter.sh/capacity-type
          operator: In
          values:
            - on-demand
        - key: karpenter.k8s.aws/instance-cpu
          operator: Gt
          values:
            - "1"
        - key: kubernetes.io/arch
          operator: In
          values:
            - amd64
        - key: karpenter.k8s.aws/instance-family
          operator: In
          values:
            - r5
      startupTaints:
        - effect: NoExecute
          key: ebs.csi.aws.com/agent-not-ready
      taints:
        - effect: NoSchedule
          key: workerrole
          value: general-007
---

---
EOF

Workload

cat <<EOF | k apply -f -
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: test-aaa
  namespace: default
spec:
  persistentVolumeClaimRetentionPolicy:
    whenDeleted: Retain
    whenScaled: Retain
  podManagementPolicy: Parallel
  replicas: 3
  selector:
      matchLabels:
        app: test
  updateStrategy:
    rollingUpdate:
      partition: 0
    type: RollingUpdate
  template:
    metadata:
        labels:
          app: test
    spec:
      containers:
        - name: nginx
          image: nginx:latest
          volumeMounts:
          - mountPath: /tmp
            name: tmp
          - mountPath: /data
            name: test-data
      volumes:
        - emptyDir:
            sizeLimit: 1Gi
          name: tmp
      imagePullSecrets:
      - name: registry-credentials
      nodeSelector:
        affinity: general-007
      tolerations:
      - effect: NoSchedule
        key: workerrole
        value: general-007
      topologySpreadConstraints:
        - labelSelector:
            matchLabels:
              app: test
          maxSkew: 1
          topologyKey: topology.kubernetes.io/zone
          whenUnsatisfiable: DoNotSchedule
  volumeClaimTemplates:
  - apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      name: test-data
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 1Gi
      storageClassName: gp2
      volumeMode: Filesystem
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: test-bbb
  namespace: default
spec:
  persistentVolumeClaimRetentionPolicy:
    whenDeleted: Retain
    whenScaled: Retain
  podManagementPolicy: Parallel
  replicas: 3
  selector:
      matchLabels:
        app: test
  updateStrategy:
    rollingUpdate:
      partition: 0
    type: RollingUpdate
  template:
    metadata:
        labels:
          app: test
    spec:
      containers:
        - name: nginx
          image: nginx:latest
          volumeMounts:
          - mountPath: /tmp
            name: tmp
          - mountPath: /data
            name: test-data
      volumes:
        - emptyDir:
            sizeLimit: 1Gi
          name: tmp
      imagePullSecrets:
      - name: registry-credentials
      nodeSelector:
        affinity: general-007
      tolerations:
      - effect: NoSchedule
        key: workerrole
        value: general-007
      topologySpreadConstraints:
        - labelSelector:
            matchLabels:
              app: test
          maxSkew: 1
          topologyKey: topology.kubernetes.io/zone
          whenUnsatisfiable: DoNotSchedule
  volumeClaimTemplates:
  - apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      name: test-data
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 1Gi
      storageClassName: gp2
      volumeMode: Filesystem
---   
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: test-ccc
  namespace: default
spec:
  persistentVolumeClaimRetentionPolicy:
    whenDeleted: Retain
    whenScaled: Retain
  podManagementPolicy: Parallel
  replicas: 3
  selector:
      matchLabels:
        app: test
  updateStrategy:
    rollingUpdate:
      partition: 0
    type: RollingUpdate
  template:
    metadata:
        labels:
          app: test
    spec:
      containers:
        - name: nginx
          image: nginx:latest
          volumeMounts:
          - mountPath: /tmp
            name: tmp
          - mountPath: /data
            name: test-data
      volumes:
        - emptyDir:
            sizeLimit: 1Gi
          name: tmp
      imagePullSecrets:
      - name: registry-credentials
      nodeSelector:
        affinity: general-007
      tolerations:
      - effect: NoSchedule
        key: workerrole
        value: general-007
      topologySpreadConstraints:
        - labelSelector:
            matchLabels:
              app: test
          maxSkew: 1
          topologyKey: topology.kubernetes.io/zone
          whenUnsatisfiable: DoNotSchedule
  volumeClaimTemplates:
  - apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      name: test-data
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 1Gi
      storageClassName: gp2
      volumeMode: Filesystem
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: test-ddd
  namespace: default
spec:
  persistentVolumeClaimRetentionPolicy:
    whenDeleted: Retain
    whenScaled: Retain
  podManagementPolicy: Parallel
  replicas: 3
  selector:
      matchLabels:
        app: test
  updateStrategy:
    rollingUpdate:
      partition: 0
    type: RollingUpdate
  template:
    metadata:
        labels:
          app: test
    spec:
      containers:
        - name: nginx
          image: nginx:latest
          volumeMounts:
          - mountPath: /tmp
            name: tmp
          - mountPath: /data
            name: test-data
      volumes:
        - emptyDir:
            sizeLimit: 1Gi
          name: tmp
      imagePullSecrets:
      - name: registry-credentials
      nodeSelector:
        affinity: general-007
      tolerations:
      - effect: NoSchedule
        key: workerrole
        value: general-007
      topologySpreadConstraints:
        - labelSelector:
            matchLabels:
              app: test
          maxSkew: 1
          topologyKey: topology.kubernetes.io/zone
          whenUnsatisfiable: DoNotSchedule
  volumeClaimTemplates:
  - apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      name: test-data
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 1Gi
      storageClassName: gp2
      volumeMode: Filesystem
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: test-eee
  namespace: default
spec:
  persistentVolumeClaimRetentionPolicy:
    whenDeleted: Retain
    whenScaled: Retain
  podManagementPolicy: Parallel
  replicas: 3
  selector:
      matchLabels:
        app: test
  updateStrategy:
    rollingUpdate:
      partition: 0
    type: RollingUpdate
  template:
    metadata:
        labels:
          app: test
    spec:
      containers:
        - name: nginx
          image: nginx:latest
          volumeMounts:
          - mountPath: /tmp
            name: tmp
          - mountPath: /data
            name: test-data
      volumes:
        - emptyDir:
            sizeLimit: 1Gi
          name: tmp
      imagePullSecrets:
      - name: registry-credentials
      nodeSelector:
        affinity: general-007
      tolerations:
      - effect: NoSchedule
        key: workerrole
        value: general-007
      topologySpreadConstraints:
        - labelSelector:
            matchLabels:
              app: test
          maxSkew: 1
          topologyKey: topology.kubernetes.io/zone
          whenUnsatisfiable: DoNotSchedule
  volumeClaimTemplates:
  - apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      name: test-data
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 1Gi
      storageClassName: gp2
      volumeMode: Filesystem
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: test-fff
  namespace: default
spec:
  persistentVolumeClaimRetentionPolicy:
    whenDeleted: Retain
    whenScaled: Retain
  podManagementPolicy: Parallel
  replicas: 3
  selector:
      matchLabels:
        app: test
  updateStrategy:
    rollingUpdate:
      partition: 0
    type: RollingUpdate
  template:
    metadata:
        labels:
          app: test
    spec:
      containers:
        - name: nginx
          image: nginx:latest
          volumeMounts:
          - mountPath: /tmp
            name: tmp
          - mountPath: /data
            name: test-data
      volumes:
        - emptyDir:
            sizeLimit: 1Gi
          name: tmp
      imagePullSecrets:
      - name: registry-credentials
      nodeSelector:
        affinity: general-007
      tolerations:
      - effect: NoSchedule
        key: workerrole
        value: general-007
      topologySpreadConstraints:
        - labelSelector:
            matchLabels:
              app: test
          maxSkew: 1
          topologyKey: topology.kubernetes.io/zone
          whenUnsatisfiable: DoNotSchedule
  volumeClaimTemplates:
  - apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      name: test-data
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 1Gi
      storageClassName: gp2
      volumeMode: Filesystem
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: test-ggg
  namespace: default
spec:
  persistentVolumeClaimRetentionPolicy:
    whenDeleted: Retain
    whenScaled: Retain
  podManagementPolicy: Parallel
  replicas: 3
  selector:
      matchLabels:
        app: test
  updateStrategy:
    rollingUpdate:
      partition: 0
    type: RollingUpdate
  template:
    metadata:
        labels:
          app: test
    spec:
      containers:
        - name: nginx
          image: nginx:latest
          volumeMounts:
          - mountPath: /tmp
            name: tmp
          - mountPath: /data
            name: test-data
      volumes:
        - emptyDir:
            sizeLimit: 1Gi
          name: tmp
      imagePullSecrets:
      - name: registry-credentials
      nodeSelector:
        affinity: general-007
      tolerations:
      - effect: NoSchedule
        key: workerrole
        value: general-007
      topologySpreadConstraints:
        - labelSelector:
            matchLabels:
              app: test
          maxSkew: 1
          topologyKey: topology.kubernetes.io/zone
          whenUnsatisfiable: DoNotSchedule
  volumeClaimTemplates:
  - apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      name: test-data
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 1Gi
      storageClassName: gp2
      volumeMode: Filesystem
---   
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: test-hhh
  namespace: default
spec:
  persistentVolumeClaimRetentionPolicy:
    whenDeleted: Retain
    whenScaled: Retain
  podManagementPolicy: Parallel
  replicas: 3
  selector:
      matchLabels:
        app: test
  updateStrategy:
    rollingUpdate:
      partition: 0
    type: RollingUpdate
  template:
    metadata:
        labels:
          app: test
    spec:
      containers:
        - name: nginx
          image: nginx:latest
          volumeMounts:
          - mountPath: /tmp
            name: tmp
          - mountPath: /data
            name: test-data
      volumes:
        - emptyDir:
            sizeLimit: 1Gi
          name: tmp
      imagePullSecrets:
      - name: registry-credentials
      nodeSelector:
        affinity: general-007
      tolerations:
      - effect: NoSchedule
        key: workerrole
        value: general-007
      topologySpreadConstraints:
        - labelSelector:
            matchLabels:
              app: test
          maxSkew: 1
          topologyKey: topology.kubernetes.io/zone
          whenUnsatisfiable: DoNotSchedule
  volumeClaimTemplates:
  - apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      name: test-data
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 1Gi
      storageClassName: gp2
      volumeMode: Filesystem
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: test-jjj
  namespace: default
spec:
  persistentVolumeClaimRetentionPolicy:
    whenDeleted: Retain
    whenScaled: Retain
  podManagementPolicy: Parallel
  replicas: 3
  selector:
      matchLabels:
        app: test
  updateStrategy:
    rollingUpdate:
      partition: 0
    type: RollingUpdate
  template:
    metadata:
        labels:
          app: test
    spec:
      containers:
        - name: nginx
          image: nginx:latest
          volumeMounts:
          - mountPath: /tmp
            name: tmp
          - mountPath: /data
            name: test-data
      volumes:
        - emptyDir:
            sizeLimit: 1Gi
          name: tmp
      imagePullSecrets:
      - name: registry-credentials
      nodeSelector:
        affinity: general-007
      tolerations:
      - effect: NoSchedule
        key: workerrole
        value: general-007
      topologySpreadConstraints:
        - labelSelector:
            matchLabels:
              app: test
          maxSkew: 1
          topologyKey: topology.kubernetes.io/zone
          whenUnsatisfiable: DoNotSchedule
  volumeClaimTemplates:
  - apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      name: test-data
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 1Gi
      storageClassName: gp2
      volumeMode: Filesystem
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: test-iii
  namespace: default
spec:
  persistentVolumeClaimRetentionPolicy:
    whenDeleted: Retain
    whenScaled: Retain
  podManagementPolicy: Parallel
  replicas: 3
  selector:
      matchLabels:
        app: test
  updateStrategy:
    rollingUpdate:
      partition: 0
    type: RollingUpdate
  template:
    metadata:
        labels:
          app: test
    spec:
      containers:
        - name: nginx
          image: nginx:latest
          volumeMounts:
          - mountPath: /tmp
            name: tmp
          - mountPath: /data
            name: test-data
      volumes:
        - emptyDir:
            sizeLimit: 1Gi
          name: tmp
      imagePullSecrets:
      - name: registry-credentials
      nodeSelector:
        affinity: general-007
      tolerations:
      - effect: NoSchedule
        key: workerrole
        value: general-007
      topologySpreadConstraints:
        - labelSelector:
            matchLabels:
              app: test
          maxSkew: 1
          topologyKey: topology.kubernetes.io/zone
          whenUnsatisfiable: DoNotSchedule
  volumeClaimTemplates:
  - apiVersion: v1
    kind: PersistentVolumeClaim
    metadata:
      name: test-data
    spec:
      accessModes:
      - ReadWriteOnce
      resources:
        requests:
          storage: 1Gi
      storageClassName: gp2
      volumeMode: Filesystem
---
EOF

Result

k describe po test-aaa-1 
Topology Spread Constraints:  topology.kubernetes.io/zone:DoNotSchedule when max skew 1 is exceeded for selector app=test
Events:
  Type     Reason            Age                  From               Message
  ----     ------            ----                 ----               -------
  Warning  FailedScheduling  13m                  default-scheduler  0/37 nodes are available: 17 node(s) didn't match Pod's node affinity/selector, 2 Insufficient cpu, 3 node(s) had untolerated taint {workerrole: egress-gateway}, 3 node(s) had untolerated taint {workerrole: internalingress}, 4 node(s) had untolerated taint {workerrole: ingress}, 8 node(s) had untolerated taint {eks.amazonaws.com/compute-type: fargate}. preemption: 0/37 nodes are available: 2 No preemption victims found for incoming pod, 35 Preemption is not helpful for scheduling.
  Normal   Nominated         13m                  karpenter          Pod should schedule on: nodeclaim/general-007-d483e0-r5-n4c8v
  Warning  FailedScheduling  13m (x2 over 13m)    default-scheduler  0/38 nodes are available: 1 node(s) had untolerated taint {ebs.csi.aws.com/agent-not-ready: }, 17 node(s) didn't match Pod's node affinity/selector, 2 Insufficient cpu, 3 node(s) had untolerated taint {workerrole: egress-gateway}, 3 node(s) had untolerated taint {workerrole: internalingress}, 4 node(s) had untolerated taint {workerrole: ingress}, 8 node(s) had untolerated taint {eks.amazonaws.com/compute-type: fargate}. preemption: 0/38 nodes are available: 2 No preemption victims found for incoming pod, 36 Preemption is not helpful for scheduling.
  Warning  FailedScheduling  13m                  default-scheduler  0/39 nodes are available: 17 node(s) didn't match Pod's node affinity/selector, 2 Insufficient cpu, 2 node(s) had untolerated taint {ebs.csi.aws.com/agent-not-ready: }, 3 node(s) had untolerated taint {workerrole: egress-gateway}, 3 node(s) had untolerated taint {workerrole: internalingress}, 4 node(s) had untolerated taint {workerrole: ingress}, 8 node(s) had untolerated taint {eks.amazonaws.com/compute-type: fargate}. preemption: 0/39 nodes are available: 2 No preemption victims found for incoming pod, 37 Preemption is not helpful for scheduling.
  Warning  FailedScheduling  12m                  default-scheduler  0/40 nodes are available: 17 node(s) didn't match Pod's node affinity/selector, 2 Insufficient cpu, 3 node(s) had untolerated taint {ebs.csi.aws.com/agent-not-ready: }, 3 node(s) had untolerated taint {workerrole: egress-gateway}, 3 node(s) had untolerated taint {workerrole: internalingress}, 4 node(s) had untolerated taint {workerrole: ingress}, 8 node(s) had untolerated taint {eks.amazonaws.com/compute-type: fargate}. preemption: 0/40 nodes are available: 2 No preemption victims found for incoming pod, 38 Preemption is not helpful for scheduling.
  Warning  FailedScheduling  12m                  default-scheduler  0/40 nodes are available: 1 node(s) didn't match pod topology spread constraints, 17 node(s) didn't match Pod's node affinity/selector, 2 Insufficient cpu, 2 node(s) had untolerated taint {ebs.csi.aws.com/agent-not-ready: }, 3 node(s) had untolerated taint {workerrole: egress-gateway}, 3 node(s) had untolerated taint {workerrole: internalingress}, 4 node(s) had untolerated taint {workerrole: ingress}, 8 node(s) had untolerated taint {eks.amazonaws.com/compute-type: fargate}. preemption: 0/40 nodes are available: 3 No preemption victims found for incoming pod, 37 Preemption is not helpful for scheduling.
  Warning  FailedScheduling  12m                  default-scheduler  0/40 nodes are available: 17 node(s) didn't match Pod's node affinity/selector, 2 node(s) didn't match pod topology spread constraints, 3 Insufficient cpu, 3 node(s) had untolerated taint {workerrole: egress-gateway}, 3 node(s) had untolerated taint {workerrole: internalingress}, 4 node(s) had untolerated taint {workerrole: ingress}, 8 node(s) had untolerated taint {eks.amazonaws.com/compute-type: fargate}. preemption: 0/40 nodes are available: 35 Preemption is not helpful for scheduling, 5 No preemption victims found for incoming pod.
  Warning  FailedScheduling  12m (x2 over 12m)    default-scheduler  0/41 nodes are available: 1 node(s) didn't match pod topology spread constraints, 1 node(s) had untolerated taint {ebs.csi.aws.com/agent-not-ready: }, 17 node(s) didn't match Pod's node affinity/selector, 3 node(s) had untolerated taint {workerrole: egress-gateway}, 3 node(s) had untolerated taint {workerrole: internalingress}, 4 Insufficient cpu, 4 node(s) had untolerated taint {workerrole: ingress}, 8 node(s) had untolerated taint {eks.amazonaws.com/compute-type: fargate}. preemption: 0/41 nodes are available: 36 Preemption is not helpful for scheduling, 5 No preemption victims found for incoming pod.
  Warning  FailedScheduling  3m1s (x21 over 12m)  default-scheduler  0/41 nodes are available: 17 node(s) didn't match Pod's node affinity/selector, 2 node(s) didn't match pod topology spread constraints, 3 node(s) had untolerated taint {workerrole: egress-gateway}, 3 node(s) had untolerated taint {workerrole: internalingress}, 4 Insufficient cpu, 4 node(s) had untolerated taint {workerrole: ingress}, 8 node(s) had untolerated taint {eks.amazonaws.com/compute-type: fargate}. preemption: 0/41 nodes are available: 35 Preemption is not helpful for scheduling, 6 No preemption victims found for incoming pod.
  Normal   Nominated         90s (x6 over 11m)    karpenter          Pod should schedule on: nodeclaim/general-007-d483e0-r5-ms445, node/ip-192-168-69-45.us-west-2.compute.internal

 k get pods -o wide
NAME         READY   STATUS    RESTARTS   AGE   IP               NODE                                           NOMINATED NODE   READINESS GATES
test-aaa-0   2/2     Running   0          12m   100.66.116.89    ip-192-168-71-243.us-west-2.compute.internal   <none>           <none>
test-aaa-1   0/2     Pending   0          12m   <none>           <none>                                         <none>           <none>
test-aaa-2   2/2     Running   0          12m   100.65.115.96    ip-192-168-43-25.us-west-2.compute.internal    <none>           <none>
test-bbb-0   2/2     Running   0          12m   100.66.116.88    ip-192-168-71-243.us-west-2.compute.internal   <none>           <none>
test-bbb-1   2/2     Running   0          12m   100.65.109.56    ip-192-168-43-25.us-west-2.compute.internal    <none>           <none>
test-bbb-2   0/2     Pending   0          12m   <none>           <none>                                         <none>           <none>
test-ccc-0   2/2     Running   0          12m   100.66.116.91    ip-192-168-71-243.us-west-2.compute.internal   <none>           <none>
test-ccc-1   0/2     Pending   0          12m   <none>           <none>                                         <none>           <none>
test-ccc-2   2/2     Running   0          12m   100.65.109.57    ip-192-168-43-25.us-west-2.compute.internal    <none>           <none>
test-ddd-0   2/2     Running   0          12m   100.66.116.90    ip-192-168-71-243.us-west-2.compute.internal   <none>           <none>
test-ddd-1   0/2     Pending   0          12m   <none>           <none>                                         <none>           <none>
test-ddd-2   2/2     Running   0          12m   100.65.109.59    ip-192-168-43-25.us-west-2.compute.internal    <none>           <none>
test-eee-0   2/2     Running   0          12m   100.66.116.92    ip-192-168-71-243.us-west-2.compute.internal   <none>           <none>
test-eee-1   0/2     Pending   0          12m   <none>           <none>                                         <none>           <none>
test-eee-2   2/2     Running   0          12m   100.65.109.58    ip-192-168-43-25.us-west-2.compute.internal    <none>           <none>
test-fff-0   2/2     Running   0          13m   100.64.249.138   ip-192-168-7-85.us-west-2.compute.internal     <none>           <none>
test-fff-1   2/2     Running   0          13m   100.64.253.55    ip-192-168-7-30.us-west-2.compute.internal     <none>           <none>
test-fff-2   2/2     Running   0          13m   100.64.249.140   ip-192-168-7-85.us-west-2.compute.internal     <none>           <none>
test-ggg-0   2/2     Running   0          13m   100.64.253.56    ip-192-168-7-30.us-west-2.compute.internal     <none>           <none>
test-ggg-1   2/2     Running   0          13m   100.64.253.54    ip-192-168-7-30.us-west-2.compute.internal     <none>           <none>
test-ggg-2   2/2     Running   0          13m   100.64.249.137   ip-192-168-7-85.us-west-2.compute.internal     <none>           <none>
test-hhh-0   2/2     Running   0          13m   100.64.253.53    ip-192-168-7-30.us-west-2.compute.internal     <none>           <none>
test-hhh-1   2/2     Running   0          13m   100.64.249.135   ip-192-168-7-85.us-west-2.compute.internal     <none>           <none>
test-hhh-2   2/2     Running   0          13m   100.64.249.136   ip-192-168-7-85.us-west-2.compute.internal     <none>           <none>
test-iii-0   2/2     Running   0          13m   100.66.116.87    ip-192-168-71-243.us-west-2.compute.internal   <none>           <none>
test-iii-1   2/2     Running   0          13m   100.65.109.55    ip-192-168-43-25.us-west-2.compute.internal    <none>           <none>
test-iii-2   0/2     Pending   0          13m   <none>           <none>                                         <none>           <none>
test-jjj-0   2/2     Running   0          13m   100.64.253.57    ip-192-168-7-30.us-west-2.compute.internal     <none>           <none>
test-jjj-1   2/2     Running   0          13m   100.64.253.58    ip-192-168-7-30.us-west-2.compute.internal     <none>           <none>
test-jjj-2   2/2     Running   0          13m   100.64.249.139   ip-192-168-7-85.us-west-2.compute.internal     <none>           <none>

 k get pvc
NAME                   STATUS    VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS   VOLUMEATTRIBUTESCLASS   AGE
test-data-test-aaa-0   Bound     pvc-ca21459e-ca65-4d07-9782-1ea52ad21d78   1Gi        RWO            gp2            <unset>                 9m57s
test-data-test-aaa-1   Pending                                                                        gp2            <unset>                 9m57s
test-data-test-aaa-2   Bound     pvc-88412220-b2b1-4a19-b76f-721aab0a8f60   1Gi        RWO            gp2            <unset>                 9m57s
test-data-test-bbb-0   Bound     pvc-9638df95-16aa-4af6-8175-1ee6b4e304c4   1Gi        RWO            gp2            <unset>                 9m57s
test-data-test-bbb-1   Bound     pvc-7f1ef878-622d-432e-abd9-edff6d20eea9   1Gi        RWO            gp2            <unset>                 9m57s
test-data-test-bbb-2   Pending                                                                        gp2            <unset>                 9m57s
test-data-test-ccc-0   Bound     pvc-4ed3e99a-1221-4837-af33-a3db722232b9   1Gi        RWO            gp2            <unset>                 9m57s
test-data-test-ccc-1   Pending                                                                        gp2            <unset>                 9m57s
test-data-test-ccc-2   Bound     pvc-dcc16944-9b9b-439c-a456-300e9f3b2ea7   1Gi        RWO            gp2            <unset>                 9m57s
test-data-test-ddd-0   Bound     pvc-32c6d080-649f-4470-915f-b7abb89b3248   1Gi        RWO            gp2            <unset>                 9m57s
test-data-test-ddd-1   Pending                                                                        gp2            <unset>                 9m57s
test-data-test-ddd-2   Bound     pvc-2e7dc4c1-fb29-4c76-9907-718a07bd68bb   1Gi        RWO            gp2            <unset>                 9m57s
test-data-test-eee-0   Bound     pvc-87489ff0-a2e8-4169-ac9c-fe974da7c63f   1Gi        RWO            gp2            <unset>                 9m56s
test-data-test-eee-1   Pending                                                                        gp2            <unset>                 9m56s
test-data-test-eee-2   Bound     pvc-f82d4dcf-965f-4136-80d6-46ed42a037df   1Gi        RWO            gp2            <unset>                 9m56s
test-data-test-fff-0   Bound     pvc-e99c6734-dafc-44af-b37b-dd08d5660820   1Gi        RWO            gp2            <unset>                 10m
test-data-test-fff-1   Bound     pvc-901c0de0-cc9c-4cea-85cc-ea1bf7cb0436   1Gi        RWO            gp2            <unset>                 10m
test-data-test-fff-2   Bound     pvc-e398a440-78e3-4376-a806-3f0e33b8d5c7   1Gi        RWO            gp2            <unset>                 10m
test-data-test-ggg-0   Bound     pvc-59c2a8d6-c384-4441-bf6b-d0f7c1045fca   1Gi        RWO            gp2            <unset>                 10m
test-data-test-ggg-1   Bound     pvc-cc9f533d-2cd7-447f-9975-7119198916df   1Gi        RWO            gp2            <unset>                 10m
test-data-test-ggg-2   Bound     pvc-aca1cbd6-9575-45d0-b3d8-42f55434af0a   1Gi        RWO            gp2            <unset>                 10m
test-data-test-hhh-0   Bound     pvc-2165e216-cb5d-456d-b223-0c7bc0cf7952   1Gi        RWO            gp2            <unset>                 10m
test-data-test-hhh-1   Bound     pvc-2c75f247-3837-4775-9bbf-a98ab334ac32   1Gi        RWO            gp2            <unset>                 10m
test-data-test-hhh-2   Bound     pvc-a4a27939-31be-448c-ab4d-568149399969   1Gi        RWO            gp2            <unset>                 10m
test-data-test-iii-0   Bound     pvc-f348b8f8-ea53-4923-b6dd-0ee977b60cbe   1Gi        RWO            gp2            <unset>                 10m
test-data-test-iii-1   Bound     pvc-a051bdc4-ca55-4717-82a3-49e5066f8616   1Gi        RWO            gp2            <unset>                 10m
test-data-test-iii-2   Pending                                                                        gp2            <unset>                 10m
test-data-test-jjj-0   Bound     pvc-27c258b7-df4e-4cc1-a5c6-68268bd037a3   1Gi        RWO            gp2            <unset>                 10m
test-data-test-jjj-1   Bound     pvc-f0caa17f-c000-4137-aed2-98e21e107dda   1Gi        RWO            gp2            <unset>                 10m
test-data-test-jjj-2   Bound     pvc-6012eb22-e1cf-41ea-9f05-b6f7d4b5dbac   1Gi        RWO            gp2            <unset>                 10m

cluster-test (default) k get pv pvc-ca21459e-ca65-4d07-9782-1ea52ad21d78  pvc-88412220-b2b1-4a19-b76f-721aab0a8f60 pvc-9638df95-16aa-4af6-8175-1ee6b4e304c4 pvc-7f1ef878-622d-432e-abd9-edff6d20eea9  pvc-4ed3e99a-1221-4837-af33-a3db722232b9  pvc-dcc16944-9b9b-439c-a456-300e9f3b2ea7 pvc-32c6d080-649f-4470-915f-b7abb89b3248  pvc-2e7dc4c1-fb29-4c76-9907-718a07bd68bb pvc-87489ff0-a2e8-4169-ac9c-fe974da7c63f  pvc-f82d4dcf-965f-4136-80d6-46ed42a037df pvc-e99c6734-dafc-44af-b37b-dd08d5660820 pvc-901c0de0-cc9c-4cea-85cc-ea1bf7cb0436 pvc-e398a440-78e3-4376-a806-3f0e33b8d5c7 pvc-59c2a8d6-c384-4441-bf6b-d0f7c1045fca pvc-cc9f533d-2cd7-447f-9975-7119198916df pvc-aca1cbd6-9575-45d0-b3d8-42f55434af0a pvc-2165e216-cb5d-456d-b223-0c7bc0cf7952 pvc-2c75f247-3837-4775-9bbf-a98ab334ac32 pvc-a4a27939-31be-448c-ab4d-568149399969 pvc-f348b8f8-ea53-4923-b6dd-0ee977b60cbe pvc-a051bdc4-ca55-4717-82a3-49e5066f8616  pvc-27c258b7-df4e-4cc1-a5c6-68268bd037a3 pvc-f0caa17f-c000-4137-aed2-98e21e107dda pvc-6012eb22-e1cf-41ea-9f05-b6f7d4b5dbac -o yaml | grep -i zone | grep -i west-2c | wc -l
       6

cluster-test (default) k get pv pvc-ca21459e-ca65-4d07-9782-1ea52ad21d78  pvc-88412220-b2b1-4a19-b76f-721aab0a8f60 pvc-9638df95-16aa-4af6-8175-1ee6b4e304c4 pvc-7f1ef878-622d-432e-abd9-edff6d20eea9  pvc-4ed3e99a-1221-4837-af33-a3db722232b9  pvc-dcc16944-9b9b-439c-a456-300e9f3b2ea7 pvc-32c6d080-649f-4470-915f-b7abb89b3248  pvc-2e7dc4c1-fb29-4c76-9907-718a07bd68bb pvc-87489ff0-a2e8-4169-ac9c-fe974da7c63f  pvc-f82d4dcf-965f-4136-80d6-46ed42a037df pvc-e99c6734-dafc-44af-b37b-dd08d5660820 pvc-901c0de0-cc9c-4cea-85cc-ea1bf7cb0436 pvc-e398a440-78e3-4376-a806-3f0e33b8d5c7 pvc-59c2a8d6-c384-4441-bf6b-d0f7c1045fca pvc-cc9f533d-2cd7-447f-9975-7119198916df pvc-aca1cbd6-9575-45d0-b3d8-42f55434af0a pvc-2165e216-cb5d-456d-b223-0c7bc0cf7952 pvc-2c75f247-3837-4775-9bbf-a98ab334ac32 pvc-a4a27939-31be-448c-ab4d-568149399969 pvc-f348b8f8-ea53-4923-b6dd-0ee977b60cbe pvc-a051bdc4-ca55-4717-82a3-49e5066f8616  pvc-27c258b7-df4e-4cc1-a5c6-68268bd037a3 pvc-f0caa17f-c000-4137-aed2-98e21e107dda pvc-6012eb22-e1cf-41ea-9f05-b6f7d4b5dbac -o yaml | grep -i zone | grep -i west-2b | wc -l
       6

cluster-test (default) k get pv pvc-ca21459e-ca65-4d07-9782-1ea52ad21d78  pvc-88412220-b2b1-4a19-b76f-721aab0a8f60 pvc-9638df95-16aa-4af6-8175-1ee6b4e304c4 pvc-7f1ef878-622d-432e-abd9-edff6d20eea9  pvc-4ed3e99a-1221-4837-af33-a3db722232b9  pvc-dcc16944-9b9b-439c-a456-300e9f3b2ea7 pvc-32c6d080-649f-4470-915f-b7abb89b3248  pvc-2e7dc4c1-fb29-4c76-9907-718a07bd68bb pvc-87489ff0-a2e8-4169-ac9c-fe974da7c63f  pvc-f82d4dcf-965f-4136-80d6-46ed42a037df pvc-e99c6734-dafc-44af-b37b-dd08d5660820 pvc-901c0de0-cc9c-4cea-85cc-ea1bf7cb0436 pvc-e398a440-78e3-4376-a806-3f0e33b8d5c7 pvc-59c2a8d6-c384-4441-bf6b-d0f7c1045fca pvc-cc9f533d-2cd7-447f-9975-7119198916df pvc-aca1cbd6-9575-45d0-b3d8-42f55434af0a pvc-2165e216-cb5d-456d-b223-0c7bc0cf7952 pvc-2c75f247-3837-4775-9bbf-a98ab334ac32 pvc-a4a27939-31be-448c-ab4d-568149399969 pvc-f348b8f8-ea53-4923-b6dd-0ee977b60cbe pvc-a051bdc4-ca55-4717-82a3-49e5066f8616  pvc-27c258b7-df4e-4cc1-a5c6-68268bd037a3 pvc-f0caa17f-c000-4137-aed2-98e21e107dda pvc-6012eb22-e1cf-41ea-9f05-b6f7d4b5dbac -o yaml | grep -i zone | grep -i west-2a | wc -l
      12

Also note the stateful set spec, with the policy to retain the PVs , Karpenter has to take this into consideration when there is a pod rollout restart to decide what zones it bootstraps the new nodes, meaning the nodes should be in the same zone where the Pvs reside, else. The pod remain in pending due to error - 3 node(s) had volume node affinity conflict

  persistentVolumeClaimRetentionPolicy:
    whenDeleted: Retain
    whenScaled: Retain