From efee009b48a26f5ebca5561f161f93e76fe04ce3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ga=C3=ABtan=20Trellu?= Date: Mon, 17 Jun 2019 10:55:25 -0400 Subject: [PATCH] Support enforcing node allocatable and QoS Magnum supports cgroups which is nice but some features are required to avoid pods to consume all the resources of a nodes. Options added to masters and nodes: --cgroups-per-qos=true --enforce-node-allocatable=pods Change-Id: I284718358865c4dcac06243c3116fd5868623439 Story: 2005903 Task: 33765 --- .../kubernetes/fragments/configure-kubernetes-master.sh | 2 +- .../kubernetes/fragments/configure-kubernetes-minion.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh b/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh index 56e6646a44..5727eaa3af 100644 --- a/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh +++ b/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-master.sh @@ -249,7 +249,7 @@ chmod +x /etc/kubernetes/get_require_kubeconfig.sh KUBELET_ARGS="${KUBELET_ARGS} --client-ca-file=${CERT_DIR}/ca.crt --tls-cert-file=${CERT_DIR}/kubelet.crt --tls-private-key-file=${CERT_DIR}/kubelet.key --kubeconfig ${KUBELET_KUBECONFIG}" # specified cgroup driver -KUBELET_ARGS="${KUBELET_ARGS} --cgroup-driver=${CGROUP_DRIVER}" +KUBELET_ARGS="${KUBELET_ARGS} --cgroup-driver=${CGROUP_DRIVER} --cgroups-per-qos=true --enforce-node-allocatable=pods" $ssh_cmd systemctl disable docker if $ssh_cmd cat /usr/lib/systemd/system/docker.service | grep 'native.cgroupdriver'; then diff --git a/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh b/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh index d7ac2f0f88..5ed8d6031e 100644 --- a/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh +++ b/magnum/drivers/common/templates/kubernetes/fragments/configure-kubernetes-minion.sh @@ -154,7 +154,7 @@ fi KUBELET_ARGS="${KUBELET_ARGS} --client-ca-file=${CERT_DIR}/ca.crt --tls-cert-file=${CERT_DIR}/kubelet.crt --tls-private-key-file=${CERT_DIR}/kubelet.key" # specified cgroup driver -KUBELET_ARGS="${KUBELET_ARGS} --cgroup-driver=${CGROUP_DRIVER}" +KUBELET_ARGS="${KUBELET_ARGS} --cgroup-driver=${CGROUP_DRIVER} --cgroups-per-qos=true --enforce-node-allocatable=pods" if [ "$(echo $AUTO_HEALING_ENABLED | tr '[:upper:]' '[:lower:]')" = "true" ]; then KUBELET_ARGS="${KUBELET_ARGS} --node-labels=draino-enabled=true"