cm

package
v1.23.7-rc.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 14, 2022 License: Apache-2.0 Imports: 69 Imported by: 565

Documentation

Index

Constants

View Source
const (

	// MemoryMin is memory.min for cgroup v2
	MemoryMin string = "memory.min"
	// MemoryHigh is memory.high for cgroup v2
	MemoryHigh string = "memory.high"
)
View Source
const (
	// These limits are defined in the kernel:
	// https://github.com/torvalds/linux/blob/0bddd227f3dc55975e2b8dfa7fc6f959b062a2c7/kernel/sched/sched.h#L427-L428
	MinShares = 2
	MaxShares = 262144

	SharesPerCPU  = 1024
	MilliCPUToCPU = 1000

	// 100000 is equivalent to 100ms
	QuotaPeriod    = 100000
	MinQuotaPeriod = 1000
)

Variables

View Source
var RootCgroupName = CgroupName([]string{})

Functions

func EnsureDockerInContainer added in v1.5.0

func EnsureDockerInContainer(dockerAPIVersion *utilversion.Version, oomScoreAdj int, manager cgroups.Manager) error

Ensures that the Docker daemon is in the desired container. Temporarily export the function to be used by dockershim. TODO(yujuhong): Move this function to dockershim once kubelet migrates to dockershim as the default.

func GetKubeletContainer added in v1.15.0

func GetKubeletContainer(kubeletCgroups string) (string, error)

GetKubeletContainer returns the cgroup the kubelet will use

func GetPodCgroupNameSuffix added in v1.9.0

func GetPodCgroupNameSuffix(podUID types.UID) string

GetPodCgroupNameSuffix returns the last element of the pod CgroupName identifier

func GetRuntimeContainer added in v1.15.0

func GetRuntimeContainer(containerRuntime, runtimeCgroups string) (string, error)

GetRuntimeContainer returns the cgroup used by the container runtime

func HugePageLimits added in v1.8.0

func HugePageLimits(resourceList v1.ResourceList) map[int64]int64

HugePageLimits converts the API representation to a map from huge page size (in bytes) to huge page limit (in bytes).

func IsSystemdStyleName added in v1.9.0

func IsSystemdStyleName(name string) bool

func MilliCPUToQuota added in v1.5.0

func MilliCPUToQuota(milliCPU int64, period int64) (quota int64)

MilliCPUToQuota converts milliCPU to CFS quota and period values.

func MilliCPUToShares added in v1.5.0

func MilliCPUToShares(milliCPU int64) uint64

MilliCPUToShares converts the milliCPU to CFS shares.

func NewFakeInternalContainerLifecycle added in v1.8.0

func NewFakeInternalContainerLifecycle() *fakeInternalContainerLifecycle

func NodeAllocatableRoot added in v1.15.0

func NodeAllocatableRoot(cgroupRoot string, cgroupsPerQOS bool, cgroupDriver string) string

NodeAllocatableRoot returns the literal cgroup path for the node allocatable cgroup

func ParseQOSReserved added in v1.6.0

func ParseQOSReserved(m map[string]string) (*map[v1.ResourceName]int64, error)

ParseQOSReserved parses the --qos-reserve-requests option

Types

type ActivePodsFunc added in v1.6.0

type ActivePodsFunc func() []*v1.Pod

type CgroupConfig added in v1.4.0

type CgroupConfig struct {
	// Fully qualified name prior to any driver specific conversions.
	Name CgroupName
	// ResourceParameters contains various cgroups settings to apply.
	ResourceParameters *ResourceConfig
}

CgroupConfig holds the cgroup configuration information. This is common object which is used to specify cgroup information to both systemd and raw cgroup fs implementation of the Cgroup Manager interface.

type CgroupManager added in v1.4.0

type CgroupManager interface {
	// Create creates and applies the cgroup configurations on the cgroup.
	// It just creates the leaf cgroups.
	// It expects the parent cgroup to already exist.
	Create(*CgroupConfig) error
	// Destroy the cgroup.
	Destroy(*CgroupConfig) error
	// Update cgroup configuration.
	Update(*CgroupConfig) error
	// Exists checks if the cgroup already exists
	Exists(name CgroupName) bool
	// Name returns the literal cgroupfs name on the host after any driver specific conversions.
	// We would expect systemd implementation to make appropriate name conversion.
	// For example, if we pass {"foo", "bar"}
	// then systemd should convert the name to something like
	// foo.slice/foo-bar.slice
	Name(name CgroupName) string
	// CgroupName converts the literal cgroupfs name on the host to an internal identifier.
	CgroupName(name string) CgroupName
	// Pids scans through all subsystems to find pids associated with specified cgroup.
	Pids(name CgroupName) []int
	// ReduceCPULimits reduces the CPU CFS values to the minimum amount of shares.
	ReduceCPULimits(cgroupName CgroupName) error
	// MemoryUsage returns current memory usage of the specified cgroup, as read from the cgroupfs.
	MemoryUsage(name CgroupName) (int64, error)
}

CgroupManager allows for cgroup management. Supports Cgroup Creation ,Deletion and Updates.

func NewCgroupManager added in v1.4.0

func NewCgroupManager(cs *CgroupSubsystems, cgroupDriver string) CgroupManager

NewCgroupManager is a factory method that returns a CgroupManager

type CgroupName added in v1.5.0

type CgroupName []string

CgroupName is the abstract name of a cgroup prior to any driver specific conversion. It is specified as a list of strings from its individual components, such as: {"kubepods", "burstable", "pod1234-abcd-5678-efgh"}

func NewCgroupName added in v1.11.0

func NewCgroupName(base CgroupName, components ...string) CgroupName

NewCgroupName composes a new cgroup name. Use RootCgroupName as base to start at the root. This function does some basic check for invalid characters at the name.

func ParseCgroupfsToCgroupName added in v1.11.0

func ParseCgroupfsToCgroupName(name string) CgroupName

func ParseSystemdToCgroupName added in v1.11.0

func ParseSystemdToCgroupName(name string) CgroupName

func (CgroupName) ToCgroupfs added in v1.11.0

func (cgroupName CgroupName) ToCgroupfs() string

func (CgroupName) ToSystemd added in v1.11.0

func (cgroupName CgroupName) ToSystemd() string

cgroupName.ToSystemd converts the internal cgroup name to a systemd name. For example, the name {"kubepods", "burstable", "pod1234-abcd-5678-efgh"} becomes "/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod1234_abcd_5678_efgh.slice" This function always expands the systemd name into the cgroupfs form. If only the last part is needed, use path.Base(...) on it to discard the rest.

type CgroupSubsystems added in v1.4.0

type CgroupSubsystems struct {
	// Cgroup subsystem mounts.
	// e.g.: "/sys/fs/cgroup/cpu" -> ["cpu", "cpuacct"]
	Mounts []libcontainercgroups.Mount

	// Cgroup subsystem to their mount location.
	// e.g.: "cpu" -> "/sys/fs/cgroup/cpu"
	MountPoints map[string]string
}

CgroupSubsystems holds information about the mounted cgroup subsystems

func GetCgroupSubsystems added in v1.4.0

func GetCgroupSubsystems() (*CgroupSubsystems, error)

GetCgroupSubsystems returns information about the mounted cgroup subsystems

type ContainerManager

type ContainerManager interface {
	// Runs the container manager's housekeeping.
	// - Ensures that the Docker daemon is in a container.
	// - Creates the system container where all non-containerized processes run.
	Start(*v1.Node, ActivePodsFunc, config.SourcesReady, status.PodStatusProvider, internalapi.RuntimeService) error

	// SystemCgroupsLimit returns resources allocated to system cgroups in the machine.
	// These cgroups include the system and Kubernetes services.
	SystemCgroupsLimit() v1.ResourceList

	// GetNodeConfig returns a NodeConfig that is being used by the container manager.
	GetNodeConfig() NodeConfig

	// Status returns internal Status.
	Status() Status

	// NewPodContainerManager is a factory method which returns a podContainerManager object
	// Returns a noop implementation if qos cgroup hierarchy is not enabled
	NewPodContainerManager() PodContainerManager

	// GetMountedSubsystems returns the mounted cgroup subsystems on the node
	GetMountedSubsystems() *CgroupSubsystems

	// GetQOSContainersInfo returns the names of top level QoS containers
	GetQOSContainersInfo() QOSContainersInfo

	// GetNodeAllocatableReservation returns the amount of compute resources that have to be reserved from scheduling.
	GetNodeAllocatableReservation() v1.ResourceList

	// GetCapacity returns the amount of compute resources tracked by container manager available on the node.
	GetCapacity() v1.ResourceList

	// GetDevicePluginResourceCapacity returns the node capacity (amount of total device plugin resources),
	// node allocatable (amount of total healthy resources reported by device plugin),
	// and inactive device plugin resources previously registered on the node.
	GetDevicePluginResourceCapacity() (v1.ResourceList, v1.ResourceList, []string)

	// UpdateQOSCgroups performs housekeeping updates to ensure that the top
	// level QoS containers have their desired state in a thread-safe way
	UpdateQOSCgroups() error

	// GetResources returns RunContainerOptions with devices, mounts, and env fields populated for
	// extended resources required by container.
	GetResources(pod *v1.Pod, container *v1.Container) (*kubecontainer.RunContainerOptions, error)

	// UpdatePluginResources calls Allocate of device plugin handler for potential
	// requests for device plugin resources, and returns an error if fails.
	// Otherwise, it updates allocatableResource in nodeInfo if necessary,
	// to make sure it is at least equal to the pod's requested capacity for
	// any registered device plugin resource
	UpdatePluginResources(*schedulerframework.NodeInfo, *lifecycle.PodAdmitAttributes) error

	InternalContainerLifecycle() InternalContainerLifecycle

	// GetPodCgroupRoot returns the cgroup which contains all pods.
	GetPodCgroupRoot() string

	// GetPluginRegistrationHandler returns a plugin registration handler
	// The pluginwatcher's Handlers allow to have a single module for handling
	// registration.
	GetPluginRegistrationHandler() cache.PluginHandler

	// ShouldResetExtendedResourceCapacity returns whether or not the extended resources should be zeroed,
	// due to node recreation.
	ShouldResetExtendedResourceCapacity() bool

	// GetAllocateResourcesPodAdmitHandler returns an instance of a PodAdmitHandler responsible for allocating pod resources.
	GetAllocateResourcesPodAdmitHandler() lifecycle.PodAdmitHandler

	// GetNodeAllocatableAbsolute returns the absolute value of Node Allocatable which is primarily useful for enforcement.
	GetNodeAllocatableAbsolute() v1.ResourceList

	// Implements the podresources Provider API for CPUs, Memory and Devices
	podresources.CPUsProvider
	podresources.DevicesProvider
	podresources.MemoryProvider
}

Manages the containers running on a machine.

func NewContainerManager

func NewContainerManager(mountUtil mount.Interface, cadvisorInterface cadvisor.Interface, nodeConfig NodeConfig, failSwapOn bool, devicePluginEnabled bool, recorder record.EventRecorder) (ContainerManager, error)

TODO(vmarmol): Add limits to the system containers. Takes the absolute name of the specified containers. Empty container name disables use of the specified container.

func NewStubContainerManager

func NewStubContainerManager() ContainerManager

func NewStubContainerManagerWithDevicePluginResource added in v1.22.0

func NewStubContainerManagerWithDevicePluginResource(extendedPluginResources v1.ResourceList) ContainerManager

func NewStubContainerManagerWithExtendedResource added in v1.14.9

func NewStubContainerManagerWithExtendedResource(shouldResetExtendedResourceCapacity bool) ContainerManager

type FakeContainerManager added in v1.21.0

type FakeContainerManager struct {
	sync.Mutex
	CalledFunctions     []string
	PodContainerManager *FakePodContainerManager
	// contains filtered or unexported fields
}

func NewFakeContainerManager added in v1.21.0

func NewFakeContainerManager() *FakeContainerManager

func (*FakeContainerManager) GetAllocatableCPUs added in v1.21.0

func (cm *FakeContainerManager) GetAllocatableCPUs() []int64

func (*FakeContainerManager) GetAllocatableDevices added in v1.21.0

func (cm *FakeContainerManager) GetAllocatableDevices() []*podresourcesapi.ContainerDevices

func (*FakeContainerManager) GetAllocatableMemory added in v1.22.0

func (cm *FakeContainerManager) GetAllocatableMemory() []*podresourcesapi.ContainerMemory

func (*FakeContainerManager) GetAllocateResourcesPodAdmitHandler added in v1.21.0

func (cm *FakeContainerManager) GetAllocateResourcesPodAdmitHandler() lifecycle.PodAdmitHandler

func (*FakeContainerManager) GetCPUs added in v1.21.0

func (cm *FakeContainerManager) GetCPUs(_, _ string) []int64

func (*FakeContainerManager) GetCapacity added in v1.21.0

func (cm *FakeContainerManager) GetCapacity() v1.ResourceList

func (*FakeContainerManager) GetDevicePluginResourceCapacity added in v1.21.0

func (cm *FakeContainerManager) GetDevicePluginResourceCapacity() (v1.ResourceList, v1.ResourceList, []string)

func (*FakeContainerManager) GetDevices added in v1.21.0

func (*FakeContainerManager) GetMemory added in v1.22.0

func (*FakeContainerManager) GetMountedSubsystems added in v1.21.0

func (cm *FakeContainerManager) GetMountedSubsystems() *CgroupSubsystems

func (*FakeContainerManager) GetNodeAllocatableAbsolute added in v1.22.0

func (cm *FakeContainerManager) GetNodeAllocatableAbsolute() v1.ResourceList

func (*FakeContainerManager) GetNodeAllocatableReservation added in v1.21.0

func (cm *FakeContainerManager) GetNodeAllocatableReservation() v1.ResourceList

func (*FakeContainerManager) GetNodeConfig added in v1.21.0

func (cm *FakeContainerManager) GetNodeConfig() NodeConfig

func (*FakeContainerManager) GetPluginRegistrationHandler added in v1.21.0

func (cm *FakeContainerManager) GetPluginRegistrationHandler() cache.PluginHandler

func (*FakeContainerManager) GetPodCgroupRoot added in v1.21.0

func (cm *FakeContainerManager) GetPodCgroupRoot() string

func (*FakeContainerManager) GetQOSContainersInfo added in v1.21.0

func (cm *FakeContainerManager) GetQOSContainersInfo() QOSContainersInfo

func (*FakeContainerManager) GetResources added in v1.21.0

func (cm *FakeContainerManager) GetResources(pod *v1.Pod, container *v1.Container) (*kubecontainer.RunContainerOptions, error)

func (*FakeContainerManager) InternalContainerLifecycle added in v1.21.0

func (cm *FakeContainerManager) InternalContainerLifecycle() InternalContainerLifecycle

func (*FakeContainerManager) NewPodContainerManager added in v1.21.0

func (cm *FakeContainerManager) NewPodContainerManager() PodContainerManager

func (*FakeContainerManager) ShouldResetExtendedResourceCapacity added in v1.21.0

func (cm *FakeContainerManager) ShouldResetExtendedResourceCapacity() bool

func (*FakeContainerManager) Start added in v1.21.0

func (*FakeContainerManager) Status added in v1.21.0

func (cm *FakeContainerManager) Status() Status

func (*FakeContainerManager) SystemCgroupsLimit added in v1.21.0

func (cm *FakeContainerManager) SystemCgroupsLimit() v1.ResourceList

func (*FakeContainerManager) UpdateAllocatedDevices added in v1.21.0

func (cm *FakeContainerManager) UpdateAllocatedDevices()

func (*FakeContainerManager) UpdatePluginResources added in v1.21.0

func (*FakeContainerManager) UpdateQOSCgroups added in v1.21.0

func (cm *FakeContainerManager) UpdateQOSCgroups() error

type FakePodContainerManager added in v1.21.0

type FakePodContainerManager struct {
	sync.Mutex
	CalledFunctions []string
	Cgroups         map[types.UID]CgroupName
}

func NewFakePodContainerManager added in v1.21.0

func NewFakePodContainerManager() *FakePodContainerManager

func (*FakePodContainerManager) AddPodFromCgroups added in v1.21.0

func (m *FakePodContainerManager) AddPodFromCgroups(pod *kubecontainer.Pod)

func (*FakePodContainerManager) Destroy added in v1.21.0

func (m *FakePodContainerManager) Destroy(name CgroupName) error

func (*FakePodContainerManager) EnsureExists added in v1.21.0

func (m *FakePodContainerManager) EnsureExists(_ *v1.Pod) error

func (*FakePodContainerManager) Exists added in v1.21.0

func (m *FakePodContainerManager) Exists(_ *v1.Pod) bool

func (*FakePodContainerManager) GetAllPodsFromCgroups added in v1.21.0

func (m *FakePodContainerManager) GetAllPodsFromCgroups() (map[types.UID]CgroupName, error)

func (*FakePodContainerManager) GetPodContainerName added in v1.21.0

func (m *FakePodContainerManager) GetPodContainerName(_ *v1.Pod) (CgroupName, string)

func (*FakePodContainerManager) IsPodCgroup added in v1.21.0

func (m *FakePodContainerManager) IsPodCgroup(cgroupfs string) (bool, types.UID)

func (*FakePodContainerManager) ReduceCPULimits added in v1.21.0

func (m *FakePodContainerManager) ReduceCPULimits(_ CgroupName) error

type InternalContainerLifecycle added in v1.8.0

type InternalContainerLifecycle interface {
	PreCreateContainer(pod *v1.Pod, container *v1.Container, containerConfig *runtimeapi.ContainerConfig) error
	PreStartContainer(pod *v1.Pod, container *v1.Container, containerID string) error
	PreStopContainer(containerID string) error
	PostStopContainer(containerID string) error
}

type KernelTunableBehavior

type KernelTunableBehavior string
const (
	KernelTunableWarn   KernelTunableBehavior = "warn"
	KernelTunableError  KernelTunableBehavior = "error"
	KernelTunableModify KernelTunableBehavior = "modify"
)

type NodeAllocatableConfig added in v1.6.0

type NodeAllocatableConfig struct {
	KubeReservedCgroupName   string
	SystemReservedCgroupName string
	ReservedSystemCPUs       cpuset.CPUSet
	EnforceNodeAllocatable   sets.String
	KubeReserved             v1.ResourceList
	SystemReserved           v1.ResourceList
	HardEvictionThresholds   []evictionapi.Threshold
}

type NodeConfig

type NodeConfig struct {
	RuntimeCgroupsName    string
	SystemCgroupsName     string
	KubeletCgroupsName    string
	ContainerRuntime      string
	CgroupsPerQOS         bool
	CgroupRoot            string
	CgroupDriver          string
	KubeletRootDir        string
	ProtectKernelDefaults bool
	NodeAllocatableConfig
	QOSReserved                             map[v1.ResourceName]int64
	ExperimentalCPUManagerPolicy            string
	ExperimentalCPUManagerPolicyOptions     map[string]string
	ExperimentalTopologyManagerScope        string
	ExperimentalCPUManagerReconcilePeriod   time.Duration
	ExperimentalMemoryManagerPolicy         string
	ExperimentalMemoryManagerReservedMemory []kubeletconfig.MemoryReservation
	ExperimentalPodPidsLimit                int64
	EnforceCPULimits                        bool
	CPUCFSQuotaPeriod                       time.Duration
	ExperimentalTopologyManagerPolicy       string
}

type PodContainerManager added in v1.4.0

type PodContainerManager interface {
	// GetPodContainerName returns the CgroupName identifier, and its literal cgroupfs form on the host.
	GetPodContainerName(*v1.Pod) (CgroupName, string)

	// EnsureExists takes a pod as argument and makes sure that
	// pod cgroup exists if qos cgroup hierarchy flag is enabled.
	// If the pod cgroup doesn't already exist this method creates it.
	EnsureExists(*v1.Pod) error

	// Exists returns true if the pod cgroup exists.
	Exists(*v1.Pod) bool

	// Destroy takes a pod Cgroup name as argument and destroys the pod's container.
	Destroy(name CgroupName) error

	// ReduceCPULimits reduces the CPU CFS values to the minimum amount of shares.
	ReduceCPULimits(name CgroupName) error

	// GetAllPodsFromCgroups enumerates the set of pod uids to their associated cgroup based on state of cgroupfs system.
	GetAllPodsFromCgroups() (map[types.UID]CgroupName, error)

	// IsPodCgroup returns true if the literal cgroupfs name corresponds to a pod
	IsPodCgroup(cgroupfs string) (bool, types.UID)
}

PodContainerManager stores and manages pod level containers The Pod workers interact with the PodContainerManager to create and destroy containers for the pod.

type QOSContainerManager added in v1.6.0

type QOSContainerManager interface {
	Start(func() v1.ResourceList, ActivePodsFunc) error
	GetQOSContainersInfo() QOSContainersInfo
	UpdateCgroups() error
}

func NewQOSContainerManager added in v1.6.0

func NewQOSContainerManager(subsystems *CgroupSubsystems, cgroupRoot CgroupName, nodeConfig NodeConfig, cgroupManager CgroupManager) (QOSContainerManager, error)

type QOSContainersInfo added in v1.4.0

type QOSContainersInfo struct {
	Guaranteed CgroupName
	BestEffort CgroupName
	Burstable  CgroupName
}

QOSContainersInfo stores the names of containers per qos

type ResourceConfig added in v1.4.0

type ResourceConfig struct {
	// Memory limit (in bytes).
	Memory *int64
	// CPU shares (relative weight vs. other containers).
	CpuShares *uint64
	// CPU hardcap limit (in usecs). Allowed cpu time in a given period.
	CpuQuota *int64
	// CPU quota period.
	CpuPeriod *uint64
	// HugePageLimit map from page size (in bytes) to limit (in bytes)
	HugePageLimit map[int64]int64
	// Maximum number of pids
	PidsLimit *int64
	// Unified for cgroup v2
	Unified map[string]string
}

ResourceConfig holds information about all the supported cgroup resource parameters.

func ResourceConfigForPod added in v1.5.0

func ResourceConfigForPod(pod *v1.Pod, enforceCPULimits bool, cpuPeriod uint64, enforceMemoryQoS bool) *ResourceConfig

ResourceConfigForPod takes the input pod and outputs the cgroup resource config.

type Status

type Status struct {
	// Any soft requirements that were unsatisfied.
	SoftRequirements error
}

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL