Add service parameter to control pod pids limit
Create a config section for kubernetes service. Create a parameter named pod_max_pids to have similar name as the kubernetes parameter pod-max-pids. Store the value in the config section. This will create a system-wide entry in hieradata when unlocking: plattform::kubernetes::params::k8s_pod_max_pids This affects hosts with kubelet running, meaning controller and worker personalities. A config out of date will be raised for all hosts of both personalities, even for parameters that target only a specific personality. After modifying the parameter a host-lock then host-unlock is required. Platform pods use under 20 processes in steady state. Some openstack pods reach ~450 processes in steady state. Since StarlingX provides some optional apps we provide a default value that takes into account the most hungry app, that being openstack. The database entry will be populated considering openstack will be applied.(I707ddc4ca67595fbf809c6ffc15ecd4fb21f4661), but we shouldn't restrict the minimum based on optional apps, as this allows the user to set a lower minimum if there is no plan to use openstack. Tested on Standard+dedicated storage: - out of sync raised for controllers and workers when using service-parameter modify - alarm cleared after host-lock, host-unlock - new value correctly generated and used - add with system service-parameter-add - modify with system service-parameter-modify Tested on top of: I10c1684fe3145e0a46b011f8e87f7a23557ddd4a Partial-Bug: 1928353 Signed-off-by: Dan Voiculeasa <dan.voiculeasa@windriver.com> Change-Id: I74fcf2bd405c2a3811a4f27a55b28c0d001430e1
This commit is contained in:
parent
ed967ad81c
commit
bf547186d1
|
@ -1122,6 +1122,14 @@ DEFAULT_REGISTRIES_INFO = {
|
|||
}
|
||||
|
||||
# kubernetes parameters
|
||||
SERVICE_PARAM_SECTION_KUBERNETES_CONFIG = 'config'
|
||||
SERVICE_PARAM_NAME_KUBERNETES_POD_MAX_PIDS = 'pod_max_pids'
|
||||
# Platform pods use under 20 in steady state, but allow extra room.
|
||||
SERVICE_PARAM_KUBERNETES_POD_MAX_PIDS_MIN = 100
|
||||
# Some openstack pods reach ~450 in steady state, allow 2/3 extra to be safe.
|
||||
SERVICE_PARAM_KUBERNETES_POD_MAX_PIDS_DEFAULT = 750
|
||||
SERVICE_PARAM_KUBERNETES_POD_MAX_PIDS_MAX = 65535
|
||||
|
||||
SERVICE_PARAM_SECTION_KUBERNETES_CERTIFICATES = 'certificates'
|
||||
SERVICE_PARAM_NAME_KUBERNETES_API_SAN_LIST = 'apiserver_certsan'
|
||||
|
||||
|
|
|
@ -389,6 +389,13 @@ def _validate_admission_plugins(name, value):
|
|||
"Invalid admission plugin: '%s'" % plugin))
|
||||
|
||||
|
||||
def _validate_pod_max_pids(name, value):
|
||||
"""Check if specified value is supported"""
|
||||
_validate_range(name, value,
|
||||
constants.SERVICE_PARAM_KUBERNETES_POD_MAX_PIDS_MIN,
|
||||
constants.SERVICE_PARAM_KUBERNETES_POD_MAX_PIDS_MAX)
|
||||
|
||||
|
||||
PLATFORM_CONFIG_PARAMETER_OPTIONAL = [
|
||||
constants.SERVICE_PARAM_NAME_PLAT_CONFIG_VIRTUAL,
|
||||
]
|
||||
|
@ -630,6 +637,19 @@ KUBERNETES_CERTIFICATES_PARAMETER_DATA_FORMAT = {
|
|||
constants.SERVICE_PARAM_NAME_KUBERNETES_API_SAN_LIST: SERVICE_PARAMETER_DATA_FORMAT_ARRAY,
|
||||
}
|
||||
|
||||
KUBERNETES_CONFIG_PARAMETER_OPTIONAL = [
|
||||
constants.SERVICE_PARAM_NAME_KUBERNETES_POD_MAX_PIDS,
|
||||
]
|
||||
|
||||
KUBERNETES_CONFIG_PARAMETER_VALIDATOR = {
|
||||
constants.SERVICE_PARAM_NAME_KUBERNETES_POD_MAX_PIDS: _validate_pod_max_pids,
|
||||
}
|
||||
|
||||
KUBERNETES_CONFIG_PARAMETER_RESOURCE = {
|
||||
constants.SERVICE_PARAM_NAME_KUBERNETES_POD_MAX_PIDS:
|
||||
'platform::kubernetes::params::k8s_pod_max_pids',
|
||||
}
|
||||
|
||||
KUBERNETES_APISERVER_PARAMETER_OPTIONAL = [
|
||||
constants.SERVICE_PARAM_NAME_OIDC_ISSUER_URL,
|
||||
constants.SERVICE_PARAM_NAME_OIDC_CLIENT_ID,
|
||||
|
@ -805,6 +825,11 @@ SERVICE_PARAMETER_SCHEMA = {
|
|||
SERVICE_PARAM_VALIDATOR: KUBERNETES_APISERVER_PARAMETER_VALIDATOR,
|
||||
SERVICE_PARAM_RESOURCE: KUBERNETES_APISERVER_PARAMETER_RESOURCE,
|
||||
},
|
||||
constants.SERVICE_PARAM_SECTION_KUBERNETES_CONFIG: {
|
||||
SERVICE_PARAM_OPTIONAL: KUBERNETES_CONFIG_PARAMETER_OPTIONAL,
|
||||
SERVICE_PARAM_VALIDATOR: KUBERNETES_CONFIG_PARAMETER_VALIDATOR,
|
||||
SERVICE_PARAM_RESOURCE: KUBERNETES_CONFIG_PARAMETER_RESOURCE,
|
||||
},
|
||||
},
|
||||
constants.SERVICE_TYPE_PTP: {
|
||||
constants.SERVICE_PARAM_SECTION_PTP_GLOBAL: {
|
||||
|
|
|
@ -8583,6 +8583,14 @@ class ConductorManager(service.PeriodicService):
|
|||
config_uuid = self._config_update_hosts(context,
|
||||
[constants.CONTROLLER],
|
||||
reboot=True)
|
||||
elif service == constants.SERVICE_TYPE_KUBERNETES:
|
||||
# The KUBERNETES_POD_MAX_PIDS affects workers.
|
||||
# A smarter way would be for update_service_config to receive the
|
||||
# diff list or dict, to only target required personalities.
|
||||
config_uuid = self._config_update_hosts(context,
|
||||
[constants.CONTROLLER,
|
||||
constants.WORKER],
|
||||
reboot=True)
|
||||
else:
|
||||
# All other services
|
||||
personalities = [constants.CONTROLLER]
|
||||
|
|
Loading…
Reference in New Issue