Documentation ¶
Index ¶
- Constants
- Variables
- func EnsureDockerInContainer(dockerAPIVersion *utilversion.Version, oomScoreAdj int, manager *fs.Manager) error
- func GetKubeletContainer(kubeletCgroups string) (string, error)
- func GetPodCgroupNameSuffix(podUID types.UID) string
- func GetRuntimeContainer(containerRuntime, runtimeCgroups string) (string, error)
- func HugePageLimits(resourceList v1.ResourceList) map[int64]int64
- func IsSystemdStyleName(name string) bool
- func MilliCPUToQuota(milliCPU int64, period int64) (quota int64)
- func MilliCPUToShares(milliCPU int64) uint64
- func NewFakeInternalContainerLifecycle() *fakeInternalContainerLifecycle
- func NodeAllocatableRoot(cgroupRoot, cgroupDriver string) string
- func ParseQOSReserved(m map[string]string) (*map[v1.ResourceName]int64, error)
- type ActivePodsFunc
- type CgroupConfig
- type CgroupManager
- type CgroupName
- type CgroupSubsystems
- type ContainerManager
- type InternalContainerLifecycle
- type KernelTunableBehavior
- type MemoryStats
- type NodeAllocatableConfig
- type NodeConfig
- type PodContainerManager
- type QOSContainerManager
- type QOSContainersInfo
- type ResourceConfig
- type ResourceStats
- type Status
Constants ¶
const ( // The percent of the machine memory capacity. The value is used to calculate // docker memory resource container's hardlimit to workaround docker memory // leakage issue. Please see kubernetes/issues/9881 for more detail. DockerMemoryLimitThresholdPercent = 70 // The minimum memory limit allocated to docker container: 150Mi MinDockerMemoryLimit = 150 * 1024 * 1024 )
const ( // Taken from lmctfy https://github.com/google/lmctfy/blob/master/lmctfy/controllers/cpu_controller.cc MilliCPUToCPU = 1000 // 100000 is equivalent to 100ms QuotaPeriod = 100000 MinQuotaPeriod = 1000 )
Variables ¶
var RootCgroupName = CgroupName([]string{})
Functions ¶
func EnsureDockerInContainer ¶ added in v1.5.0
func EnsureDockerInContainer(dockerAPIVersion *utilversion.Version, oomScoreAdj int, manager *fs.Manager) error
Ensures that the Docker daemon is in the desired container. Temporarily export the function to be used by dockershim. TODO(yujuhong): Move this function to dockershim once kubelet migrates to dockershim as the default.
func GetKubeletContainer ¶ added in v1.15.0
GetKubeletContainer returns the cgroup the kubelet will use
func GetPodCgroupNameSuffix ¶ added in v1.9.0
GetPodCgroupNameSuffix returns the last element of the pod CgroupName identifier
func GetRuntimeContainer ¶ added in v1.15.0
GetRuntimeContainer returns the cgroup used by the container runtime
func HugePageLimits ¶ added in v1.8.0
func HugePageLimits(resourceList v1.ResourceList) map[int64]int64
HugePageLimits converts the API representation to a map from huge page size (in bytes) to huge page limit (in bytes).
func IsSystemdStyleName ¶ added in v1.9.0
func MilliCPUToQuota ¶ added in v1.5.0
MilliCPUToQuota converts milliCPU to CFS quota and period values.
func MilliCPUToShares ¶ added in v1.5.0
MilliCPUToShares converts the milliCPU to CFS shares.
func NewFakeInternalContainerLifecycle ¶ added in v1.8.0
func NewFakeInternalContainerLifecycle() *fakeInternalContainerLifecycle
func NodeAllocatableRoot ¶ added in v1.15.0
NodeAllocatableRoot returns the literal cgroup path for the node allocatable cgroup
func ParseQOSReserved ¶ added in v1.6.0
ParseQOSReserved parses the --qos-reserve-requests option
Types ¶
type ActivePodsFunc ¶ added in v1.6.0
type CgroupConfig ¶ added in v1.4.0
type CgroupConfig struct { // Fully qualified name prior to any driver specific conversions. Name CgroupName // ResourceParameters contains various cgroups settings to apply. ResourceParameters *ResourceConfig }
CgroupConfig holds the cgroup configuration information. This is common object which is used to specify cgroup information to both systemd and raw cgroup fs implementation of the Cgroup Manager interface.
type CgroupManager ¶ added in v1.4.0
type CgroupManager interface { // Create creates and applies the cgroup configurations on the cgroup. // It just creates the leaf cgroups. // It expects the parent cgroup to already exist. Create(*CgroupConfig) error // Destroy the cgroup. Destroy(*CgroupConfig) error // Update cgroup configuration. Update(*CgroupConfig) error // Exists checks if the cgroup already exists Exists(name CgroupName) bool // Name returns the literal cgroupfs name on the host after any driver specific conversions. // We would expect systemd implementation to make appropriate name conversion. // For example, if we pass {"foo", "bar"} // then systemd should convert the name to something like // foo.slice/foo-bar.slice Name(name CgroupName) string // CgroupName converts the literal cgroupfs name on the host to an internal identifier. CgroupName(name string) CgroupName // Pids scans through all subsystems to find pids associated with specified cgroup. Pids(name CgroupName) []int // ReduceCPULimits reduces the CPU CFS values to the minimum amount of shares. ReduceCPULimits(cgroupName CgroupName) error // GetResourceStats returns statistics of the specified cgroup as read from the cgroup fs. GetResourceStats(name CgroupName) (*ResourceStats, error) }
CgroupManager allows for cgroup management. Supports Cgroup Creation ,Deletion and Updates.
func NewCgroupManager ¶ added in v1.4.0
func NewCgroupManager(cs *CgroupSubsystems, cgroupDriver string) CgroupManager
NewCgroupManager is a factory method that returns a CgroupManager
type CgroupName ¶ added in v1.5.0
type CgroupName []string
CgroupName is the abstract name of a cgroup prior to any driver specific conversion. It is specified as a list of strings from its individual components, such as: {"kubepods", "burstable", "pod1234-abcd-5678-efgh"}
func NewCgroupName ¶ added in v1.11.0
func NewCgroupName(base CgroupName, components ...string) CgroupName
NewCgroupName composes a new cgroup name. Use RootCgroupName as base to start at the root. This function does some basic check for invalid characters at the name.
func ParseCgroupfsToCgroupName ¶ added in v1.11.0
func ParseCgroupfsToCgroupName(name string) CgroupName
func ParseSystemdToCgroupName ¶ added in v1.11.0
func ParseSystemdToCgroupName(name string) CgroupName
func (CgroupName) ToCgroupfs ¶ added in v1.11.0
func (cgroupName CgroupName) ToCgroupfs() string
func (CgroupName) ToSystemd ¶ added in v1.11.0
func (cgroupName CgroupName) ToSystemd() string
cgroupName.ToSystemd converts the internal cgroup name to a systemd name. For example, the name {"kubepods", "burstable", "pod1234-abcd-5678-efgh"} becomes "/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod1234_abcd_5678_efgh.slice" This function always expands the systemd name into the cgroupfs form. If only the last part is needed, use path.Base(...) on it to discard the rest.
type CgroupSubsystems ¶ added in v1.4.0
type CgroupSubsystems struct { // Cgroup subsystem mounts. // e.g.: "/sys/fs/cgroup/cpu" -> ["cpu", "cpuacct"] Mounts []libcontainercgroups.Mount // Cgroup subsystem to their mount location. // e.g.: "cpu" -> "/sys/fs/cgroup/cpu" MountPoints map[string]string }
CgroupSubsystems holds information about the mounted cgroup subsystems
func GetCgroupSubsystems ¶ added in v1.4.0
func GetCgroupSubsystems() (*CgroupSubsystems, error)
GetCgroupSubsystems returns information about the mounted cgroup subsystems
type ContainerManager ¶
type ContainerManager interface { // Runs the container manager's housekeeping. // - Ensures that the Docker daemon is in a container. // - Creates the system container where all non-containerized processes run. Start(*v1.Node, ActivePodsFunc, config.SourcesReady, status.PodStatusProvider, internalapi.RuntimeService) error // SystemCgroupsLimit returns resources allocated to system cgroups in the machine. // These cgroups include the system and Kubernetes services. SystemCgroupsLimit() v1.ResourceList // GetNodeConfig returns a NodeConfig that is being used by the container manager. GetNodeConfig() NodeConfig // Status returns internal Status. Status() Status // NewPodContainerManager is a factory method which returns a podContainerManager object // Returns a noop implementation if qos cgroup hierarchy is not enabled NewPodContainerManager() PodContainerManager // GetMountedSubsystems returns the mounted cgroup subsystems on the node GetMountedSubsystems() *CgroupSubsystems // GetQOSContainersInfo returns the names of top level QoS containers GetQOSContainersInfo() QOSContainersInfo // GetNodeAllocatableReservation returns the amount of compute resources that have to be reserved from scheduling. GetNodeAllocatableReservation() v1.ResourceList // GetCapacity returns the amount of compute resources tracked by container manager available on the node. GetCapacity() v1.ResourceList // GetDevicePluginResourceCapacity returns the node capacity (amount of total device plugin resources), // node allocatable (amount of total healthy resources reported by device plugin), // and inactive device plugin resources previously registered on the node. GetDevicePluginResourceCapacity() (v1.ResourceList, v1.ResourceList, []string) // UpdateQOSCgroups performs housekeeping updates to ensure that the top // level QoS containers have their desired state in a thread-safe way UpdateQOSCgroups() error // GetResources returns RunContainerOptions with devices, mounts, and env fields populated for // extended resources required by container. GetResources(pod *v1.Pod, container *v1.Container) (*kubecontainer.RunContainerOptions, error) // UpdatePluginResources calls Allocate of device plugin handler for potential // requests for device plugin resources, and returns an error if fails. // Otherwise, it updates allocatableResource in nodeInfo if necessary, // to make sure it is at least equal to the pod's requested capacity for // any registered device plugin resource UpdatePluginResources(*schedulernodeinfo.NodeInfo, *lifecycle.PodAdmitAttributes) error InternalContainerLifecycle() InternalContainerLifecycle // GetPodCgroupRoot returns the cgroup which contains all pods. GetPodCgroupRoot() string // GetPluginRegistrationHandler returns a plugin registration handler // The pluginwatcher's Handlers allow to have a single module for handling // registration. GetPluginRegistrationHandler() cache.PluginHandler // GetDevices returns information about the devices assigned to pods and containers GetDevices(podUID, containerName string) []*podresourcesapi.ContainerDevices // ShouldResetExtendedResourceCapacity returns whether or not the extended resources should be zeroed, // due to node recreation. ShouldResetExtendedResourceCapacity() bool }
Manages the containers running on a machine.
func NewContainerManager ¶
func NewContainerManager(mountUtil mount.Interface, cadvisorInterface cadvisor.Interface, nodeConfig NodeConfig, failSwapOn bool, devicePluginEnabled bool, recorder record.EventRecorder) (ContainerManager, error)
TODO(vmarmol): Add limits to the system containers. Takes the absolute name of the specified containers. Empty container name disables use of the specified container.
func NewStubContainerManager ¶
func NewStubContainerManager() ContainerManager
func NewStubContainerManagerWithExtendedResource ¶ added in v1.14.9
func NewStubContainerManagerWithExtendedResource(shouldResetExtendedResourceCapacity bool) ContainerManager
type InternalContainerLifecycle ¶ added in v1.8.0
type KernelTunableBehavior ¶
type KernelTunableBehavior string
const ( KernelTunableWarn KernelTunableBehavior = "warn" KernelTunableError KernelTunableBehavior = "error" KernelTunableModify KernelTunableBehavior = "modify" )
type MemoryStats ¶ added in v1.6.0
type MemoryStats struct { // Memory usage (in bytes). Usage int64 }
MemoryStats holds the on-demand statistics from the memory cgroup
type NodeAllocatableConfig ¶ added in v1.6.0
type NodeAllocatableConfig struct { KubeReservedCgroupName string SystemReservedCgroupName string EnforceNodeAllocatable sets.String KubeReserved v1.ResourceList SystemReserved v1.ResourceList HardEvictionThresholds []evictionapi.Threshold }
type NodeConfig ¶
type NodeConfig struct { RuntimeCgroupsName string SystemCgroupsName string KubeletCgroupsName string ContainerRuntime string CgroupsPerQOS bool CgroupRoot string CgroupDriver string KubeletRootDir string ProtectKernelDefaults bool NodeAllocatableConfig QOSReserved map[v1.ResourceName]int64 ExperimentalCPUManagerPolicy string ExperimentalCPUManagerReconcilePeriod time.Duration ExperimentalPodPidsLimit int64 EnforceCPULimits bool CPUCFSQuotaPeriod time.Duration }
type PodContainerManager ¶ added in v1.4.0
type PodContainerManager interface { // GetPodContainerName returns the CgroupName identifier, and its literal cgroupfs form on the host. GetPodContainerName(*v1.Pod) (CgroupName, string) // EnsureExists takes a pod as argument and makes sure that // pod cgroup exists if qos cgroup hierarchy flag is enabled. // If the pod cgroup doesn't already exist this method creates it. EnsureExists(*v1.Pod) error // Exists returns true if the pod cgroup exists. Exists(*v1.Pod) bool // Destroy takes a pod Cgroup name as argument and destroys the pod's container. Destroy(name CgroupName) error // ReduceCPULimits reduces the CPU CFS values to the minimum amount of shares. ReduceCPULimits(name CgroupName) error // GetAllPodsFromCgroups enumerates the set of pod uids to their associated cgroup based on state of cgroupfs system. GetAllPodsFromCgroups() (map[types.UID]CgroupName, error) // IsPodCgroup returns true if the literal cgroupfs name corresponds to a pod IsPodCgroup(cgroupfs string) (bool, types.UID) }
PodContainerManager stores and manages pod level containers The Pod workers interact with the PodContainerManager to create and destroy containers for the pod.
type QOSContainerManager ¶ added in v1.6.0
type QOSContainerManager interface { Start(func() v1.ResourceList, ActivePodsFunc) error GetQOSContainersInfo() QOSContainersInfo UpdateCgroups() error }
func NewQOSContainerManager ¶ added in v1.6.0
func NewQOSContainerManager(subsystems *CgroupSubsystems, cgroupRoot CgroupName, nodeConfig NodeConfig, cgroupManager CgroupManager) (QOSContainerManager, error)
type QOSContainersInfo ¶ added in v1.4.0
type QOSContainersInfo struct { Guaranteed CgroupName BestEffort CgroupName Burstable CgroupName }
QOSContainersInfo stores the names of containers per qos
type ResourceConfig ¶ added in v1.4.0
type ResourceConfig struct { // Memory limit (in bytes). Memory *int64 CpuShares *uint64 // CPU hardcap limit (in usecs). Allowed cpu time in a given period. CpuQuota *int64 // CPU quota period. CpuPeriod *uint64 // HugePageLimit map from page size (in bytes) to limit (in bytes) HugePageLimit map[int64]int64 // Maximum number of pids PidsLimit *int64 }
ResourceConfig holds information about all the supported cgroup resource parameters.
func ResourceConfigForPod ¶ added in v1.5.0
func ResourceConfigForPod(pod *v1.Pod, enforceCPULimits bool, cpuPeriod uint64) *ResourceConfig
ResourceConfigForPod takes the input pod and outputs the cgroup resource config.
type ResourceStats ¶ added in v1.6.0
type ResourceStats struct { // Memory statistics. MemoryStats *MemoryStats }
ResourceStats holds on-demand statistics from various cgroup subsystems
Source Files ¶
- cgroup_manager_linux.go
- container_manager.go
- container_manager_linux.go
- container_manager_stub.go
- fake_internal_container_lifecycle.go
- helpers.go
- helpers_linux.go
- internal_container_lifecycle.go
- node_container_manager_linux.go
- pod_container_manager_linux.go
- pod_container_manager_stub.go
- qos_container_manager_linux.go
- types.go