Set ulimit for nova-compute and cinder-volume

Nova compute and cinder volume uses oslo concurrency
processuitls.execute to run privileged commands.
Containers inherit file descriptor limit from docker daemon
(currently:1048576) which is too high and leads to performance
issue. This patch sets nofile limit to 1024 for nova compute
and 131072 for cinder volume, which is reasonable as before
containers nova compute used host defaults i.e 1024 and cinder
volume systemctl override([1]) i.e 131072. Also updated neutron
l3, dhcp and ovs agent to use Parameters for ulimit configuration.

[1] https://review.rdoproject.org/r/#/c/1360/.

Closes-Bug: #1762455
Related-Bug: #1760471
Related-Bug: #1757556
Change-Id: I4d4b36de32f8a8e311efd87ea1c4095c5568dec4
This commit is contained in:
yatin 2018-04-11 15:53:22 +05:30
parent 0f34ca6574
commit 70276931a4
6 changed files with 40 additions and 3 deletions

@ -10,6 +10,10 @@ parameters:
DockerCinderConfigImage:
description: The container image to use for the cinder config_volume
type: string
DockerCinderVolumeUlimit:
default: ['nofile=131072']
description: ulimit for Cinder Volume Container
type: comma_delimited_list
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
@ -147,6 +151,7 @@ outputs:
step_4:
cinder_volume:
image: *cinder_volume_image
ulimit: {get_param: DockerCinderVolumeUlimit}
ipc: host
net: host
privileged: true

@ -10,6 +10,10 @@ parameters:
DockerNeutronConfigImage:
description: The container image to use for the neutron config_volume
type: string
DockerNeutronDHCPAgentUlimit:
default: ['nofile=1024']
description: ulimit for Neutron DHCP Agent Container
type: comma_delimited_list
EndpointMap:
default: {}
description: Mapping of service endpoint -> protocol. Typically set
@ -126,7 +130,7 @@ outputs:
restart: always
healthcheck:
test: /openstack/healthcheck
ulimit: ['nofile=1024']
ulimit: {get_param: DockerNeutronDHCPAgentUlimit}
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}

@ -10,6 +10,10 @@ parameters:
DockerNeutronConfigImage:
description: The container image to use for the neutron config_volume
type: string
DockerNeutronL3AgentUlimit:
default: ['nofile=1024']
description: ulimit for Neutron L3 Agent Container
type: comma_delimited_list
ServiceData:
default: {}
description: Dictionary packing service data
@ -104,7 +108,7 @@ outputs:
restart: always
healthcheck:
test: /openstack/healthcheck
ulimit: ['nofile=1024']
ulimit: {get_param: DockerNeutronL3AgentUlimit}
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}

@ -10,6 +10,10 @@ parameters:
DockerNeutronConfigImage:
description: The container image to use for the neutron config_volume
type: string
DockerOpenvswitchUlimit:
default: ['nofile=1024']
description: ulimit for Openvswitch Container
type: comma_delimited_list
ServiceData:
default: {}
description: Dictionary packing service data
@ -148,7 +152,7 @@ outputs:
restart: always
healthcheck:
test: /openstack/healthcheck
ulimit: ['nofile=1024']
ulimit: {get_param: DockerOpenvswitchUlimit}
volumes:
list_concat:
- {get_attr: [ContainersCommon, volumes]}

@ -10,6 +10,10 @@ parameters:
DockerNovaLibvirtConfigImage:
description: The container image to use for the nova_libvirt config_volume
type: string
DockerNovaComputeUlimit:
default: ['nofile=1024']
description: ulimit for Nova Compute Container
type: comma_delimited_list
ServiceData:
default: {}
description: Dictionary packing service data
@ -155,6 +159,7 @@ outputs:
step_4:
nova_compute:
image: &nova_compute_image {get_param: DockerNovaComputeImage}
ulimit: {get_param: DockerNovaComputeUlimit}
ipc: host
net: host
privileged: true

@ -0,0 +1,15 @@
---
features:
- |
Add Parameters to Configure Ulimit for Containers.
These parameters can be used to configure ulimit
per container basis as per the requirement of the
deployment.
Following parameters are added for neutron, nova
and cinder:-
- DockerNeutronDHCPAgentUlimit defaults to nofile=1024
- DockerNeutronL3AgentUlimit defaults to nofile=1024
- DockerOpenvswitchUlimit defaults to nofile=1024
- DockerNovaComputeUlimit defaults to nofile=1024
- DockerCinderVolumeUlimit defaults to nofile=131072