From dd75f3ba3d41180a2db9cb9099f6ce02f34820c0 Mon Sep 17 00:00:00 2001 From: Boovan Rajendran Date: Wed, 30 Nov 2022 08:35:13 -0500 Subject: [PATCH] kubelet CFS quota throttling for non integer cpulimit A previous change set the cgroup cpu.cfs_quota_us value to -1 for containers in pods in the Guaranteed QoS class. We can only do this if we're allocating the entire CPU. For non- integer CPU allocations we need to set the cpu.cfs_quota_us value to enforce the CPU limit configured on the container. Test Plan: Verified the pods that in the "Guaranteed" QoS class, on hosts that have "kube-cpu-mgr-policy=static" have cpu.cfs_quota_us set to -1 for integer cpu value. Closes-Bug: 1997528 Signed-off-by: Boovan Rajendran Change-Id: I33662e67706cee4cb0ce005bb09ce3b5fc717239 --- ...-throttling-for-non-integer-cpulimit.patch | 30 +++++++++++++++++++ .../debian/deb_folder/patches/series | 1 + 2 files changed, 31 insertions(+) create mode 100644 kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/kubelet-CFS-quota-throttling-for-non-integer-cpulimit.patch diff --git a/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/kubelet-CFS-quota-throttling-for-non-integer-cpulimit.patch b/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/kubelet-CFS-quota-throttling-for-non-integer-cpulimit.patch new file mode 100644 index 000000000..ee22dcfea --- /dev/null +++ b/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/kubelet-CFS-quota-throttling-for-non-integer-cpulimit.patch @@ -0,0 +1,30 @@ +From 2e957044cbcde858abb9c46d177d5cf4ae1407df Mon Sep 17 00:00:00 2001 +From: Boovan Rajendran +Date: Wed, 30 Nov 2022 04:17:19 -0500 +Subject: [PATCH] kubelet CFS quota throttling for non integer cpulimit + +Signed-off-by: Boovan Rajendran +--- + pkg/kubelet/cm/internal_container_lifecycle_linux.go | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/pkg/kubelet/cm/internal_container_lifecycle_linux.go b/pkg/kubelet/cm/internal_container_lifecycle_linux.go +index 75406dd8564..05366ab6fcb 100644 +--- a/pkg/kubelet/cm/internal_container_lifecycle_linux.go ++++ b/pkg/kubelet/cm/internal_container_lifecycle_linux.go +@@ -39,7 +39,11 @@ func (i *internalContainerLifecycleImpl) PreCreateContainer(pod *v1.Pod, contain + // Disable cgroup CFS throttle at the container level. + // /sys/fs/cgroup/cpu/k8s-infra/kubepods///cpu.cfs_quota_us + // /sys/fs/cgroup/cpu/k8s-infra/kubepods///cpu.cfs_period_us +- if i.cpuManager.GetCPUPolicy() == "static" && v1qos.GetPodQOS(pod) == v1.PodQOSGuaranteed { ++ // We can only set CpuQuota to -1 if we're allocating the entire CPU. ++ // For fractional CPUs the CpuQuota is needed to enforce the limit. ++ cpuQuantity := container.Resources.Requests[v1.ResourceCPU] ++ fractionalCpuQuantity := cpuQuantity.MilliValue()%1000 ++ if i.cpuManager.GetCPUPolicy() == "static" && v1qos.GetPodQOS(pod) == v1.PodQOSGuaranteed && fractionalCpuQuantity == 0 { + containerConfig.Linux.Resources.CpuPeriod = int64(100000) + containerConfig.Linux.Resources.CpuQuota = int64(-1) + } +-- +2.25.1 + diff --git a/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/series b/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/series index b15b0ae02..0b0e6cd75 100644 --- a/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/series +++ b/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/series @@ -13,3 +13,4 @@ kubelet-cpumanager-infra-pods-use-system-reserved-CP.patch kubelet-cpumanager-introduce-concept-of-isolated-CPU.patch enable-support-for-kubernetes-to-ignore-isolcpus.patch cpumanager-policy-static-test-refactor.patch +kubelet-CFS-quota-throttling-for-non-integer-cpulimit.patch