[kubelet] Introduce --protect-kernel-defaults flag to make the tunable behaviour configurable #27874
Conversation
k8s-github-robot
added
size/M
|
@kubernetes/rh-cluster-infra |
ingvagabund
force-pushed
the
kubelet-kernel-tunning-behaviour-new-flags
branch
from
4b5992b to
53c0488
Compare
| @@ -272,4 +274,6 @@ func (s *KubeletServer) AddFlags(fs *pflag.FlagSet) { | |||
| fs.DurationVar(&s.EvictionPressureTransitionPeriod.Duration, "eviction-pressure-transition-period", s.EvictionPressureTransitionPeriod.Duration, "Duration for which the kubelet has to wait before transitioning out of an eviction pressure condition.") | |||
| fs.Int32Var(&s.EvictionMaxPodGracePeriod, "eviction-max-pod-grace-period", s.EvictionMaxPodGracePeriod, "Maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met. If negative, defer to pod specified value.") | |||
| fs.Int32Var(&s.PodsPerCore, "pods-per-core", s.PodsPerCore, "Number of Pods per core that can run on this Kubelet. The total number of Pods on this Kubelet cannot exceed max-pods, so max-pods will be used if this calculation results in a larger number of Pods allowed on the Kubelet. A value of 0 disables this limit.") | |||
| fs.StringVar(&s.KernelTunableBehavior, "kernel-tunable-behaviour", s.KernelTunableBehavior, "Default kubelet behaviour for kernel tunning. Valid values: warning, modify, error") | |||
There was a problem hiding this comment.
It would be good to mention here that default tunable behavior is modify if not set.
There was a problem hiding this comment.
I feel that kubelet should error out if the kernel configuration does not match its expectation. Proceeding might be OK for some configuration options, but in the long run it will be make it hard to reason kubelet behavior.
I'm OK with the flag if it can be made a boolean.
`--kernel-auto-configuration=true` When set to `true` kubelet will configure the kernel to meet its feature requirements. When set to `false` kubelet will fail if the kernel configuration is in-compatible.
There was a problem hiding this comment.
And if warn isn't the default, it doesn't seem all that harmful to add support for it
There was a problem hiding this comment.
Wondering whether there is a clear distinction between required and recommended tunables. The former can result in an error when set wrong, the latter to a warning. Having only required tunables makes people to choose the "warn" mode (which is effectively not supportable inside of a product).
There was a problem hiding this comment.
all 3 nits addressed
There was a problem hiding this comment.
Each and every option we add needs to ideally be tested. The lesser options we add, the easier it is to maintain in general.
If a need arises to support warning, we can consider it then..
As @derekwaynecarr pointed out, it will be difficult to track the various kernel configs that kubelet will depend on over time.
There was a problem hiding this comment.
@vishh warning is no longer supported, only error and modified. Is it sufficient for the moment?
k8s-github-robot
added
the
kind/api-change
| @@ -1005,3 +1012,16 @@ func parseResourceList(m utilconfig.ConfigurationMap) (api.ResourceList, error) | |||
| } | |||
| return rl, nil | |||
| } | |||
|
|
|||
| func parseKernelTunableBehaviour(behaviour string) (cm.KernelTunableBehavior, error) { | |||
ingvagabund
force-pushed
the
kubelet-kernel-tunning-behaviour-new-flags
branch
from
53c0488 to
2c231d8
Compare
ingvagabund
force-pushed
the
kubelet-kernel-tunning-behaviour-new-flags
branch
from
f36b8b2 to
e97149d
Compare
k8s-github-robot
added
the
needs-rebase
| @@ -278,4 +279,5 @@ func (s *KubeletServer) AddFlags(fs *pflag.FlagSet) { | |||
| fs.DurationVar(&s.EvictionPressureTransitionPeriod.Duration, "eviction-pressure-transition-period", s.EvictionPressureTransitionPeriod.Duration, "Duration for which the kubelet has to wait before transitioning out of an eviction pressure condition.") | |||
| fs.Int32Var(&s.EvictionMaxPodGracePeriod, "eviction-max-pod-grace-period", s.EvictionMaxPodGracePeriod, "Maximum allowed grace period (in seconds) to use when terminating pods in response to a soft eviction threshold being met. If negative, defer to pod specified value.") | |||
| fs.Int32Var(&s.PodsPerCore, "pods-per-core", s.PodsPerCore, "Number of Pods per core that can run on this Kubelet. The total number of Pods on this Kubelet cannot exceed max-pods, so max-pods will be used if this calculation results in a larger number of Pods allowed on the Kubelet. A value of 0 disables this limit.") | |||
| fs.StringVar(&s.KernelTunableBehavior, "kernel-tunable-behaviour", s.KernelTunableBehavior, "Kubelet behaviour for kernel tuning. Valid values are 'modify', 'error'. Defaults to 'modify'") | |||
There was a problem hiding this comment.
I'd still prefer this flag to be a boolen. Until we know for a fact that warning mode is required, this can be a boolean.
For example, --set-kernel-defaults=[true].
ingvagabund
force-pushed
the
kubelet-kernel-tunning-behaviour-new-flags
branch
from
e97149d to
a9d4f6e
Compare
k8s-github-robot
removed
the
needs-rebase
ingvagabund
force-pushed
the
kubelet-kernel-tunning-behaviour-new-flags
branch
2 times, most recently
from
7629805 to
6220206
Compare
k8s-github-robot
added
do-not-merge
ingvagabund
force-pushed
the
kubelet-kernel-tunning-behaviour-new-flags
branch
from
6220206 to
0994e01
Compare
|
So, still something needs to be re-generated |
sttts
added
release-note
|
@ingvagabund Jenkins is happy now |
ingvagabund
changed the title
|
@sttts finally, now it's time for the re-base game. |
|
@vishh updated, changed to boolean flag --protect-kernel-defaults, if not set => modify, if set => error |
| @@ -1020,3 +1027,11 @@ func parseResourceList(m utilconfig.ConfigurationMap) (api.ResourceList, error) | |||
| } | |||
| return rl, nil | |||
| } | |||
|
|
|||
| func parseKernelTunableBehaviour(protect bool) cm.KernelTunableBehavior { | |||
There was a problem hiding this comment.
nit: Why keep this config as a string when the user input is a boolean?
There was a problem hiding this comment.
Since there are three behaviours. At the moment, the behaviour flag is boolean. Later, it can be changed/removed/extended with more flags. In order to make the transition from input to any of the three (and in future more) behaviour generic, I kept the parse function here.
There was a problem hiding this comment.
The problem is that kubelet is consumed in different methods. One if via the cmd/kubelet package. It also gets linked into other binaries. I'd prefer not supporting the warn option at all for now for the same reasons mentioned above. Changing internal code is much simpler in the future than the CLI, so we can switch to a string easily in the future.
There was a problem hiding this comment.
Updated the NodeConfig to take bool instead of string. Rebased.
|
cc @mtaufen --> FYI: This PR adds another config object to kubelet. |
|
@ingvagabund Just one more nit/comment. Otherwise LGTM. Sorry for the delay |
k8s-github-robot
added
the
needs-rebase
|
@ingvagabund mind addressing the comment so we can get this merged? |
ingvagabund
force-pushed
the
kubelet-kernel-tunning-behaviour-new-flags
branch
from
0994e01 to
b09757e
Compare
k8s-github-robot
removed
the
needs-rebase
…eBehavior configurable
|
The Almost done re-generating. |
ingvagabund
force-pushed
the
kubelet-kernel-tunning-behaviour-new-flags
branch
from
b09757e to
587b1f8
Compare
|
GCE e2e build/test passed for commit 587b1f8. |
|
@vishh PTAL |
|
@vishh bump 😄 |
vishh
added
the
lgtm
|
lgtm. Thanks @ingvagabund! |
|
@k8s-bot test this [submit-queue is verifying that this PR is safe to merge] |
|
GCE e2e build/test passed for commit 587b1f8. |
|
Automatic merge from submit-queue |
Let's make the default behaviour of kernel tuning configurable. The default behaviour is kept modify as has been so far.
This change is