From e24f687606d25424bfd09dd53c7195e6d180a069 Mon Sep 17 00:00:00 2001 From: Boovan Rajendran Date: Tue, 22 Nov 2022 12:10:48 -0500 Subject: [PATCH] kubelet CFS quota throttling for non integer cpulimit This patch is used to set cgroups by writing -1 to cgroup cpu.cfs_quota_us when the cpulimit has integer value. Test Plan: Verified the pods that in the "Guaranteed" QoS class, on hosts that have "kube-cpu-mgr-policy=static" have cpu.cfs_quota_us set to -1 for integer cpu value. Closes-Bug: #1997528 Signed-off-by: Boovan Rajendran Change-Id: I06a5ea791b9392483414323db1f2ae0962a466ce --- ...-throttling-for-non-integer-cpulimit.patch | 29 +++++++++++++++++++ .../debian/deb_folder/patches/series | 1 + 2 files changed, 30 insertions(+) create mode 100644 kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/kubelet-CFS-quota-throttling-for-non-integer-cpulimit.patch diff --git a/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/kubelet-CFS-quota-throttling-for-non-integer-cpulimit.patch b/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/kubelet-CFS-quota-throttling-for-non-integer-cpulimit.patch new file mode 100644 index 000000000..3c0b554d9 --- /dev/null +++ b/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/kubelet-CFS-quota-throttling-for-non-integer-cpulimit.patch @@ -0,0 +1,29 @@ +From 79d3040429f98e0113fd7da5aab0f96937725ed6 Mon Sep 17 00:00:00 2001 +From: Boovan Rajendran +Date: Thu, 24 Nov 2022 01:11:25 -0500 +Subject: [PATCH] kubelet CFS quota throttling for non integer cpulimit + +Signed-off-by: Boovan Rajendran +--- + pkg/kubelet/cm/internal_container_lifecycle_linux.go | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/pkg/kubelet/cm/internal_container_lifecycle_linux.go b/pkg/kubelet/cm/internal_container_lifecycle_linux.go +index 75406dd8564..fc648933952 100644 +--- a/pkg/kubelet/cm/internal_container_lifecycle_linux.go ++++ b/pkg/kubelet/cm/internal_container_lifecycle_linux.go +@@ -39,7 +39,10 @@ func (i *internalContainerLifecycleImpl) PreCreateContainer(pod *v1.Pod, contain + // Disable cgroup CFS throttle at the container level. + // /sys/fs/cgroup/cpu/k8s-infra/kubepods///cpu.cfs_quota_us + // /sys/fs/cgroup/cpu/k8s-infra/kubepods///cpu.cfs_period_us +- if i.cpuManager.GetCPUPolicy() == "static" && v1qos.GetPodQOS(pod) == v1.PodQOSGuaranteed { ++ // We can only set CpuQuota to -1 if we're allocating the entire CPU. ++ // For fractional CPUs the CpuQuota is needed to enforce the limit. ++ fractionalCpuQuantity := cpuQuantity.MilliValue()%1000 ++ if i.cpuManager.GetCPUPolicy() == "static" && v1qos.GetPodQOS(pod) == v1.PodQOSGuaranteed && fractionalCpuQuantity == 0 { + containerConfig.Linux.Resources.CpuPeriod = int64(100000) + containerConfig.Linux.Resources.CpuQuota = int64(-1) + } +-- +2.25.1 + diff --git a/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/series b/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/series index b15b0ae02..0b0e6cd75 100644 --- a/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/series +++ b/kubernetes/kubernetes-1.24.4/debian/deb_folder/patches/series @@ -13,3 +13,4 @@ kubelet-cpumanager-infra-pods-use-system-reserved-CP.patch kubelet-cpumanager-introduce-concept-of-isolated-CPU.patch enable-support-for-kubernetes-to-ignore-isolcpus.patch cpumanager-policy-static-test-refactor.patch +kubelet-CFS-quota-throttling-for-non-integer-cpulimit.patch