From 94ba270906b398d5a44004a5ecd4b07363043006 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Jeanneret?= <cjeanner@redhat.com>
Date: Tue, 25 Aug 2020 08:13:55 +0200
Subject: [PATCH] Set a higher PIDs limit for nova_libvirt container

The default limit is set to 4096. This can be reached with about 150
VMs, and therefore can lead to a situation where you're unable to start
new VMs on a compute node.

This patch integrates the modifications made by Rabi in his own
(abandonned) patch.

Note: this patch needs to be backported down to stable/train. The value
of Depends-On will need to be updated in order to point to another
patch, in paunch repository: https://review.opendev.org/747831

Change-Id: Ic414fc8826e4164ed679fbe22b82acf39c9ed7e0
Co-Authored-By: Rabi Mishra <ramishra@redhat.com>
Related: https://bugzilla.redhat.com/show_bug.cgi?id=1871885
Closes-Bug: #1892817
Depends-On: https://review.opendev.org/747831
(cherry picked from commit 9d71882a420ac77d033c77f6ca762c6636603129)
(cherry picked from commit daff4688fb016a46f49660fa03ca5a43e3945d52)
---
 deployment/nova/nova-libvirt-container-puppet.yaml          | 6 ++++++
 .../ContainerNovaLibvirtPidsLimit-cdad2166b6c0195f.yaml     | 6 ++++++
 2 files changed, 12 insertions(+)
 create mode 100644 releasenotes/notes/ContainerNovaLibvirtPidsLimit-cdad2166b6c0195f.yaml

diff --git a/deployment/nova/nova-libvirt-container-puppet.yaml b/deployment/nova/nova-libvirt-container-puppet.yaml
index 1758cbb405..11e9e1da49 100644
--- a/deployment/nova/nova-libvirt-container-puppet.yaml
+++ b/deployment/nova/nova-libvirt-container-puppet.yaml
@@ -16,6 +16,11 @@ parameters:
     default: ['nofile=131072', 'nproc=126960']
     description: ulimit for Nova Libvirt Container
     type: comma_delimited_list
+  ContainerNovaLibvirtPidsLimit:
+    default: 65536
+    description: Tune nova_libvirt container PID limit (set to 0 for unlimited)
+                 (defaults to 65536)
+    type: number
   ServiceData:
     default: {}
     description: Dictionary packing service data
@@ -693,6 +698,7 @@ outputs:
             ulimit: {get_param: ContainerNovaLibvirtUlimit}
             net: host
             pid: host
+            pids_limit: {get_param: ContainerNovaLibvirtPidsLimit}
             privileged: true
             security_opt: label=disable
             restart: always
diff --git a/releasenotes/notes/ContainerNovaLibvirtPidsLimit-cdad2166b6c0195f.yaml b/releasenotes/notes/ContainerNovaLibvirtPidsLimit-cdad2166b6c0195f.yaml
new file mode 100644
index 0000000000..e4416a6d96
--- /dev/null
+++ b/releasenotes/notes/ContainerNovaLibvirtPidsLimit-cdad2166b6c0195f.yaml
@@ -0,0 +1,6 @@
+---
+features:
+  - |
+    Adds a new ContainerNovaLibvirtPidsLimit parameter in order to set the
+    PIDs limit for nova_libvirt container. Defaults to 65536, set to 0 for
+    unlimited.