Standardize 'pause' container #15140
Comments
thockin
added
the
priority/backlog
|
Can we also document it? Some of the snippets in docs/ mention it but it's never explained anywhere. |
|
FWIW, it isn't the only one. I see at least two versions of each of |
|
Actually, for |
a-robinson
added
sig/node
|
The original is As per the why Go, at the time we tried Go produced the smallest binary and didn't require us to ask people to have yet another dependency. |
|
Actually, if you look in the GCR UI you'll see that 1.0 == latest == go. :) |
|
News to me that there is a 1.0 too! In production, we are using and only using gcr.io/google_containers/pause:0.8.0, which is built and pushed through Makefile: ./build/pause/Makefile |
|
Sounds like someone made and pushed a 1.0 without updating the one we use in production :) |
|
Does anyone have free time to either a) make the whole codebase use 0.8.0 I'm still grumpy about it not being C - I have seen the Go binary die. On Tue, Oct 6, 2015 at 9:23 AM, Dawn Chen notifications@github.com wrote:
|
|
I had an assembly one! but you weren't a fan :D On a more serious note, long-term it is probably better that it is in C. The Go runtime wakes up a few times a minute to do nothing. So we do see some CPU usage from |
|
Slightly OT, but we can just get rid of pause no? The way CNI is currently the runtime is reponsible for setting up the new network namespace (and bind mounting a few things) but the plugin will add containers to it. I can surely see how having a library in kube that is responsible for creating namespaces with or without docker is useful. For netns, this would create and manage a point to point link with the host. |
|
@bprashanth I really want to get rid of pause. It complicates our container runtime implmentation, and resource management, introduces extra overhead, etc. I measured last time, rkt's systemd for each POD uses similar amount of resource: cpu and memory. |
|
IMHO the win here is not reclaimed resources but the ability to manage our own networking and support the minimal runc model. We'd still need something to create that first net ns that everything else joins like you mentioned. I just like the idea of teaching kube about namespace joining so it can support bare bones container runtimes (this probably goes back to pods vs containers, though). |
|
It will be some time before runc is ready for us to use, and we have more On Tue, Oct 6, 2015 at 11:47 AM, Prashanth B notifications@github.com
|
|
Assembly is a step too far, but a C program (I just did it) has an RSS of 1
page. The cost is, as you point out, you need a C compiler to rebuild it.
If you want to make the binary tiny you also need dietlibc. Is it
worthwhile?
|
|
True. I just don't like being beholden (read: enslaved) to a third party container runtime :) |
|
@thockin Could you kindly upload the C code you used to build your new pause image (if you have it now). I guess it wasn't too complicated. The gcc compiler isn't a problem, we could just build And just for curiosity, how much are we using pause atm? I guess runc has evolved a bit since 7 Oct when this was discussed. |
|
Just to repeat my previous request -- can we please document the "pause" container? People ask about it pretty frequently and it's not documented anywhere (at least not in the docs in the docs repo). |
|
@davidopp In addition, it would be good to make the container name itself slightly more self-documenting. |
Automatic merge from submit-queue Make kubelet use an arch-specific pause image depending on GOARCH Related to: #22876, #22683 and #15140 @ixdy @pwittrock @brendandburns @mikedanese @yujuhong @thockin @zmerlynn
|
@uluyol there are still a bunch of places in the tree that reference :0.8 or or :1.0 or :2.0 - do you have 15 minutes to finish this cleanup? :D |
Automatic merge from submit-queue Use pause image depending on the server's platform when testing Removed all pause image constant strings, now the pause image is chosen by arch. Part of the effort of making e2e arch-agnostic. The pause image name and version is also now only in two places, and it's documented to bump both Also removed "amd64" constants in the code. Such constants should be replaced by `runtime.GOARCH` or by looking up the server platform Fixes: #22876 and #15140 Makes it easier for: #25730 Related: #17981 This is for `v1.3` @ixdy @thockin @vishh @kubernetes/sig-testing @andyzheng0831 @Pensu
|
cc @dchen1107 ^^ |
|
Another request to document pause container. |
#15138 demonstrates that our code has no less than THREE different tags of the pause image.
Some of those say 1.0, but our codebase only has 0.8.0 - can someone explain what is going on?
@vmarmol @vishh ?
Also, can someone remind me why we didn't do this as a C program?
The text was updated successfully, but these errors were encountered: