From 43ae6f49ad8ce6c15f168df112d74098a0d144c5 Mon Sep 17 00:00:00 2001 From: Derek Carr Date: Mon, 20 Feb 2017 12:05:06 -0500 Subject: [PATCH] Enable per pod cgroups, fix defaulting of cgroup-root when not specified --- cmd/kubelet/app/server.go | 4 ++++ hack/local-up-cluster.sh | 6 +----- pkg/apis/componentconfig/v1alpha1/defaults.go | 15 +-------------- pkg/kubelet/cm/container_manager_linux.go | 1 + pkg/kubelet/cm/pod_container_manager_linux.go | 3 +++ .../benchmark/jenkins-benchmark.properties | 2 +- .../conformance/jenkins-conformance.properties | 2 +- 7 files changed, 12 insertions(+), 21 deletions(-) diff --git a/cmd/kubelet/app/server.go b/cmd/kubelet/app/server.go index d60ccde2b7..6d88325d10 100644 --- a/cmd/kubelet/app/server.go +++ b/cmd/kubelet/app/server.go @@ -452,6 +452,10 @@ func run(s *options.KubeletServer, kubeDeps *kubelet.KubeletDeps) (err error) { if s.SystemCgroups != "" && s.CgroupRoot == "" { return fmt.Errorf("invalid configuration: system container was specified and cgroup root was not specified") } + if s.CgroupsPerQOS && s.CgroupRoot == "" { + glog.Infof("--cgroups-per-qos enabled, but --cgroup-root was not specified. defaulting to /") + s.CgroupRoot = "/" + } kubeDeps.ContainerManager, err = cm.NewContainerManager( kubeDeps.Mounter, kubeDeps.CAdvisorInterface, diff --git a/hack/local-up-cluster.sh b/hack/local-up-cluster.sh index 7357f5314f..86d0c57875 100755 --- a/hack/local-up-cluster.sh +++ b/hack/local-up-cluster.sh @@ -36,10 +36,7 @@ NET_PLUGIN_DIR=${NET_PLUGIN_DIR:-""} SERVICE_CLUSTER_IP_RANGE=${SERVICE_CLUSTER_IP_RANGE:-10.0.0.0/24} FIRST_SERVICE_CLUSTER_IP=${FIRST_SERVICE_CLUSTER_IP:-10.0.0.1} # if enabled, must set CGROUP_ROOT -CGROUPS_PER_QOS=${CGROUPS_PER_QOS:-false} -# this is not defaulted to preserve backward compatibility. -# if EXPERIMENTAL_CGROUPS_PER_QOS is enabled, recommend setting to / -CGROUP_ROOT=${CGROUP_ROOT:-""} +CGROUPS_PER_QOS=${CGROUPS_PER_QOS:-true} # name of the cgroup driver, i.e. cgroupfs or systemd CGROUP_DRIVER=${CGROUP_DRIVER:-""} # owner of client certs, default to current user if not specified @@ -594,7 +591,6 @@ function start_kubelet { --enable-controller-attach-detach="${ENABLE_CONTROLLER_ATTACH_DETACH}" \ --cgroups-per-qos=${CGROUPS_PER_QOS} \ --cgroup-driver=${CGROUP_DRIVER} \ - --cgroup-root=${CGROUP_ROOT} \ --keep-terminated-pod-volumes=true \ --eviction-hard=${EVICTION_HARD} \ --eviction-soft=${EVICTION_SOFT} \ diff --git a/pkg/apis/componentconfig/v1alpha1/defaults.go b/pkg/apis/componentconfig/v1alpha1/defaults.go index 9b9f63167a..ee0bec3071 100644 --- a/pkg/apis/componentconfig/v1alpha1/defaults.go +++ b/pkg/apis/componentconfig/v1alpha1/defaults.go @@ -204,9 +204,6 @@ func SetDefaults_KubeletConfiguration(obj *KubeletConfiguration) { if obj.CertDirectory == "" { obj.CertDirectory = "/var/run/kubernetes" } - if obj.CgroupsPerQOS == nil { - obj.CgroupsPerQOS = boolVar(false) - } if obj.ContainerRuntime == "" { obj.ContainerRuntime = "docker" } @@ -395,22 +392,12 @@ func SetDefaults_KubeletConfiguration(obj *KubeletConfiguration) { obj.IPTablesDropBit = &temp } if obj.CgroupsPerQOS == nil { - temp := false + temp := true obj.CgroupsPerQOS = &temp } if obj.CgroupDriver == "" { obj.CgroupDriver = "cgroupfs" } - // NOTE: this is for backwards compatibility with earlier releases where cgroup-root was optional. - // if cgroups per qos is not enabled, and cgroup-root is not specified, we need to default to the - // container runtime default and not default to the root cgroup. - if obj.CgroupsPerQOS != nil { - if *obj.CgroupsPerQOS { - if obj.CgroupRoot == "" { - obj.CgroupRoot = "/" - } - } - } if obj.EnableCRI == nil { obj.EnableCRI = boolVar(true) } diff --git a/pkg/kubelet/cm/container_manager_linux.go b/pkg/kubelet/cm/container_manager_linux.go index e0a1fa27c7..71b55c2e84 100644 --- a/pkg/kubelet/cm/container_manager_linux.go +++ b/pkg/kubelet/cm/container_manager_linux.go @@ -220,6 +220,7 @@ func NewContainerManager(mountUtil mount.Interface, cadvisorInterface cadvisor.I if !cgroupManager.Exists(CgroupName(nodeConfig.CgroupRoot)) { return nil, fmt.Errorf("invalid configuration: cgroup-root doesn't exist: %v", err) } + glog.Infof("container manager verified cgroup-root exists: %v", nodeConfig.CgroupRoot) } return &containerManagerImpl{ cadvisorInterface: cadvisorInterface, diff --git a/pkg/kubelet/cm/pod_container_manager_linux.go b/pkg/kubelet/cm/pod_container_manager_linux.go index b45aeea92c..4468e4753a 100644 --- a/pkg/kubelet/cm/pod_container_manager_linux.go +++ b/pkg/kubelet/cm/pod_container_manager_linux.go @@ -194,6 +194,9 @@ func (m *podContainerManagerImpl) GetAllPodsFromCgroups() (map[types.UID]CgroupN qc := path.Join(val, qcConversion) dirInfo, err := ioutil.ReadDir(qc) if err != nil { + if os.IsNotExist(err) { + continue + } return nil, fmt.Errorf("failed to read the cgroup directory %v : %v", qc, err) } for i := range dirInfo { diff --git a/test/e2e_node/jenkins/benchmark/jenkins-benchmark.properties b/test/e2e_node/jenkins/benchmark/jenkins-benchmark.properties index 774110a7fb..e039448330 100644 --- a/test/e2e_node/jenkins/benchmark/jenkins-benchmark.properties +++ b/test/e2e_node/jenkins/benchmark/jenkins-benchmark.properties @@ -5,5 +5,5 @@ GCE_PROJECT=k8s-jkns-ci-node-e2e CLEANUP=true GINKGO_FLAGS='--skip="\[Flaky\]"' TEST_ARGS='--feature-gates=DynamicKubeletConfig=true' -KUBELET_ARGS='--cgroups-per-qos=false --cgroup-root=/' +KUBELET_ARGS='--cgroups-per-qos=true --cgroup-root=/' PARALLELISM=1 diff --git a/test/e2e_node/jenkins/conformance/jenkins-conformance.properties b/test/e2e_node/jenkins/conformance/jenkins-conformance.properties index f1ca88b2d6..6c8b10bbab 100644 --- a/test/e2e_node/jenkins/conformance/jenkins-conformance.properties +++ b/test/e2e_node/jenkins/conformance/jenkins-conformance.properties @@ -3,4 +3,4 @@ GCE_IMAGE_CONFIG_PATH=test/e2e_node/jenkins/image-config.yaml GCE_ZONE=us-central1-f GCE_PROJECT=k8s-jkns-ci-node-e2e CLEANUP=true -KUBELET_ARGS='--cgroups-per-qos=false --cgroup-root=/' +KUBELET_ARGS='--cgroups-per-qos=true --cgroup-root=/'