Support enforcing node allocatable and QoS

Magnum supports cgroups which is nice but some features are required to avoid pods to consume all the resources of a nodes. Options added to masters and nodes: --cgroups-per-qos=true --enforce-node-allocatable=pods Change-Id: I284718358865c4dcac06243c3116fd5868623439 Story: 2005903 Task: 33765
2019-06-17 10:55:25 -04:00 · 2019-06-17 10:55:25 -04:00 · efee009b48
parent 77d4408fc4
commit efee009b48
2 changed files with 2 additions and 2 deletions
--- a/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh
+++ b/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh
@ -249,7 +249,7 @@ chmod +x /etc/kubernetes/get_require_kubeconfig.sh
 KUBELET_ARGS="${KUBELET_ARGS} --client-ca-file=${CERT_DIR}/ca.crt --tls-cert-file=${CERT_DIR}/kubelet.crt --tls-private-key-file=${CERT_DIR}/kubelet.key --kubeconfig ${KUBELET_KUBECONFIG}"

 # specified cgroup driver
-KUBELET_ARGS="${KUBELET_ARGS} --cgroup-driver=${CGROUP_DRIVER}"
+KUBELET_ARGS="${KUBELET_ARGS} --cgroup-driver=${CGROUP_DRIVER} --cgroups-per-qos=true --enforce-node-allocatable=pods"

 $ssh_cmd systemctl disable docker
 if $ssh_cmd cat /usr/lib/systemd/system/docker.service | grep 'native.cgroupdriver'; then
--- a/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh
+++ b/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh
@ -154,7 +154,7 @@ fi
 KUBELET_ARGS="${KUBELET_ARGS} --client-ca-file=${CERT_DIR}/ca.crt --tls-cert-file=${CERT_DIR}/kubelet.crt --tls-private-key-file=${CERT_DIR}/kubelet.key"

 # specified cgroup driver
-KUBELET_ARGS="${KUBELET_ARGS} --cgroup-driver=${CGROUP_DRIVER}"
+KUBELET_ARGS="${KUBELET_ARGS} --cgroup-driver=${CGROUP_DRIVER} --cgroups-per-qos=true --enforce-node-allocatable=pods"

 if [ "$(echo $AUTO_HEALING_ENABLED | tr '[:upper:]' '[:lower:]')" = "true" ]; then
    KUBELET_ARGS="${KUBELET_ARGS} --node-labels=draino-enabled=true"