From 38583307ca4fcba2286fefdbba43cf8cc61f6583 Mon Sep 17 00:00:00 2001 From: Dawn Chen Date: Tue, 22 Sep 2015 14:41:18 -0700 Subject: [PATCH] flag controlled RLIMIT_NOFILE for kubelet. --- cmd/kubelet/app/server.go | 9 +++++++++ pkg/util/resource_container_linux.go | 5 +++++ pkg/util/resource_container_unsupported.go | 4 ++++ 3 files changed, 18 insertions(+) diff --git a/cmd/kubelet/app/server.go b/cmd/kubelet/app/server.go index f8c6cb0cab..cfcec840dc 100644 --- a/cmd/kubelet/app/server.go +++ b/cmd/kubelet/app/server.go @@ -105,6 +105,7 @@ type KubeletServer struct { ManifestURLHeader string MasterServiceNamespace string MaxContainerCount int + MaxOpenFiles uint64 MaxPerPodContainerCount int MaxPods int MinimumGCAge time.Duration @@ -183,6 +184,7 @@ func NewKubeletServer() *KubeletServer { MasterServiceNamespace: api.NamespaceDefault, MaxContainerCount: 100, MaxPerPodContainerCount: 2, + MaxOpenFiles: 1000000, MinimumGCAge: 1 * time.Minute, NetworkPluginDir: "/usr/libexec/kubernetes/kubelet-plugins/net/exec/", NetworkPluginName: "", @@ -275,6 +277,7 @@ func (s *KubeletServer) AddFlags(fs *pflag.FlagSet) { fs.BoolVar(&s.ReallyCrashForTesting, "really-crash-for-testing", s.ReallyCrashForTesting, "If true, when panics occur crash. Intended for testing.") fs.Float64Var(&s.ChaosChance, "chaos-chance", s.ChaosChance, "If > 0.0, introduce random client errors and latency. Intended for testing. [default=0.0]") fs.BoolVar(&s.Containerized, "containerized", s.Containerized, "Experimental support for running kubelet in a container. Intended for testing. [default=false]") + fs.Uint64Var(&s.MaxOpenFiles, "max-open-files", 1000000, "Number of files that can be opened by Kubelet process. [default=1000000]") } // KubeletConfig returns a KubeletConfig suitable for being run, or an error if the server setup @@ -370,6 +373,7 @@ func (s *KubeletServer) KubeletConfig() (*KubeletConfig, error) { ManifestURLHeader: manifestURLHeader, MasterServiceNamespace: s.MasterServiceNamespace, MaxContainerCount: s.MaxContainerCount, + MaxOpenFiles: s.MaxOpenFiles, MaxPerPodContainerCount: s.MaxPerPodContainerCount, MaxPods: s.MaxPods, MinimumGCAge: s.MinimumGCAge, @@ -628,6 +632,7 @@ func SimpleKubelet(client *client.Client, ManifestURL: manifestURL, MasterServiceNamespace: masterServiceNamespace, MaxContainerCount: 100, + MaxOpenFiles: 1024, MaxPerPodContainerCount: 2, MaxPods: 32, MinimumGCAge: minimumGCAge, @@ -714,6 +719,9 @@ func RunKubelet(kcfg *KubeletConfig, builder KubeletBuilder) error { if err != nil { return fmt.Errorf("failed to create kubelet: %v", err) } + + util.ApplyRLimitForSelf(kcfg.MaxOpenFiles) + // process pods and exit. if kcfg.Runonce { if _, err := k.RunOnce(podCfg.Updates()); err != nil { @@ -801,6 +809,7 @@ type KubeletConfig struct { ManifestURLHeader http.Header MasterServiceNamespace string MaxContainerCount int + MaxOpenFiles uint64 MaxPerPodContainerCount int MaxPods int MinimumGCAge time.Duration diff --git a/pkg/util/resource_container_linux.go b/pkg/util/resource_container_linux.go index 2bc73b3bff..161de74a70 100644 --- a/pkg/util/resource_container_linux.go +++ b/pkg/util/resource_container_linux.go @@ -20,6 +20,7 @@ package util import ( "os" + "syscall" "github.com/docker/libcontainer/cgroups/fs" "github.com/docker/libcontainer/configs" @@ -39,3 +40,7 @@ func RunInResourceContainer(containerName string) error { return manager.Apply(os.Getpid()) } + +func ApplyRLimitForSelf(maxOpenFiles uint64) { + syscall.Setrlimit(syscall.RLIMIT_NOFILE, &syscall.Rlimit{Max: maxOpenFiles, Cur: maxOpenFiles}) +} diff --git a/pkg/util/resource_container_unsupported.go b/pkg/util/resource_container_unsupported.go index c470e300ee..a8ee51927b 100644 --- a/pkg/util/resource_container_unsupported.go +++ b/pkg/util/resource_container_unsupported.go @@ -25,3 +25,7 @@ import ( func RunInResourceContainer(containerName string) error { return errors.New("resource-only containers unsupported in this platform") } + +func ApplyRLimitForSelf(maxOpenFiles uint64) error { + return errors.New("SetRLimit unsupported in this platform") +}