[Kubelet] Add support for pod level cgroup management #28017
Conversation
k8s-github-robot
added
needs-rebase
dubstack
added
do-not-merge
| } | ||
|
|
||
| func (m *podContainerManagerStub) GetPodContainerName(pod *api.Pod) string { | ||
| return "" |
There was a problem hiding this comment.
I missed this but it would return the cgroup-root in this case
dubstack
force-pushed
the
dubstack-pod-manager
branch
4 times, most recently
from
020f678 to
d2e1d72
Compare
dubstack
removed
the
size/XL
k8s-github-robot
added
size/L
dubstack
force-pushed
the
dubstack-pod-manager
branch
2 times, most recently
from
f6a02d2 to
617d427
Compare
dubstack
changed the title
dubstack
added
area/kubelet
and removed
do-not-merge
k8s-github-robot
added
the
kind/api-change
| }, | ||
| } | ||
| } | ||
|
|
||
| // TODO(vmarmol): Add limits to the system containers. |
There was a problem hiding this comment.
Later when we handle system containers we would want to replace this manager with my cgroup Manager
dubstack
added
the
do-not-merge
dubstack
force-pushed
the
dubstack-pod-manager
branch
3 times, most recently
from
8d6aaf4 to
f9086f1
Compare
k8s-github-robot
added
do-not-merge
|
@dubstack |
|
k8s-bot e2e test this issue: #29559 |
|
k8s-bot test this issue: #29559 |
dubstack
force-pushed
the
dubstack-pod-manager
branch
from
c2355d2 to
a01c8cd
Compare
dubstack
removed
the
do-not-merge
|
@dubstack - I am ok addressing nits in a follow-on, can you get tests passing so I can tag? |
|
Looks like #29492 reverted changes that I made to Libcontainer which broke down the e2e tests |
| NewPodContainerManager() PodContainerManager | ||
|
|
||
| // GetMountedSubsystems returns the mounted cgroup subsytems on the node | ||
| GetMountedSubsystems() *CgroupSubsystems |
There was a problem hiding this comment.
There was a problem hiding this comment.
it feels like the factoring could be better here. it feels like reducing memory limits should be handled in a module opaque to the kubelet.
|
@dubstack DId a review pass. Please ping once you have addressed comments. |
|
took one more pass, i would prefer if its not too much work that we fix to use a |
dubstack
force-pushed
the
dubstack-pod-manager
branch
from
a01c8cd to
1eebf62
Compare
|
@derekwaynecarr @vishh I understand your concern. I will send out a patch to refactor it to use a NodeCapacityInterface. But for now can we get this in. |
dubstack
force-pushed
the
dubstack-pod-manager
branch
from
1eebf62 to
b1018be
Compare
|
This commit would be added by #29087. Close this one on LGTM. |
|
GCE e2e build/test passed for commit b1018be. |
|
@derekwaynecarr @vishh Closing this PR as the commit from this PR will go in #30475. |
|
We found a Contributor License Agreement for you (the sender of this pull request), but were unable to find agreements for the commit author(s). If you authored these, maybe you used a different email address in the git commits than was used to sign the CLA (login here to double check)? If these were authored by someone else, then they will need to sign a CLA as well, and confirm that they're okay with these being contributed to Google. |
Automatic merge from submit-queue Unblock iterative development on pod-level cgroups In order to allow forward progress on this feature, it takes the commits from #28017 #29049 and then it globally disables the flag that allows these features to be exercised in the kubelet. The flag can be re-added to the kubelet when its actually ready. /cc @vishh @dubstack @kubernetes/rh-cluster-infra
Automatic merge from submit-queue Unblock iterative development on pod-level cgroups In order to allow forward progress on this feature, it takes the commits from kubernetes#28017 kubernetes#29049 and then it globally disables the flag that allows these features to be exercised in the kubelet. The flag can be re-added to the kubelet when its actually ready. /cc @vishh @dubstack @kubernetes/rh-cluster-infra
This PR is tied to this upstream issue #27204
This PR adds support for creating destroying and updating pod level cgroups in the Kubelet. I need the node info(Allocatable and Capacity values tp be specific) for updating the limits on the pod and top level cgroups. I pass the nodeInfo from the Kubelet to the containerManager's Start() method and then cache it in the ContainerManager. This is not the very best way to handle this requirement. But cm object is created in app/server.go where I believe we don't have the Node info at that point. cc @derekwaynecarr.
I would injecting calls to podContainerManager create and delete methods in the next PR. Also the containers would be brought up under the pod level cgroups. So I would like to get these merged only after this code has been well tested in the next PR.
@vishh @derekwaynecarr @Random-Liu Please do a review.
cc @kubernetes/sig-node
This change is