5d1a26b89d
It has been observed in systems running for months -> years
that the CNI cache files (representing attributes of
network attachment definitions of pods) can accumulate in
large numbers in the /var/lib/cni/results/ and
/var/lib/cni/multus/ directories.
The cache files in /var/lib/cni/results/ have a naming signature of:
<type>-<pod id>-<interface name>
While the cache files in /var/lib/cni/multus have a naming signature
of:
<pod id>
Normally these files are cleaned up automatically (I believe
this is the responsibility of containerd). It has been seen
that this happens reliably when one manually deletes a pod.
The issue has been reproduced in the case of a host being manually
rebooted. In this case, the pods are re-created when the host comes
back up, but with a different pod-id than was used before
In this case, _most_ of the time the cache files from the previous
instantiation of the pod are deleted, but occasionally a few are
missed by the internal garbage collection mechanism.
Once a cache file from the previous instantiation of a pod escapes
garbage collection, it seems to be left as a stale file for all
subsequent reboots. Over time, this can cause these stale files
to accumulate and take up disk space unnecessarily.
The script will be called once by the k8s-pod-recovery service
on system startup, and then periodically via a cron job installed
by puppet.
The cleanup mechanism analyzes the cache files by name and
compares them with the id(s) of the currently running pods. Any
stale files detected are deleted.
Test Plan:
PASS: Verify existing pods do not have their cache files removed
PASS: Verify files younger than the specified 'olderthan' time
are not removed
PASS: Verify stale cache files for pods that do not exist anymore
are removed.
PASS: Verify the script does not run if kubelet is not up yet.
Failure Path:
PASS: Verify files not matching the naming signature (pod id
embedded in file name) are not processed
Regression:
PASS: Verify system install
PASS: Verify feature logging
Partial-Bug: 1947386
Signed-off-by: Steven Webster <steven.webster@windriver.com>
Change-Id: I0ce06646001e52d1cc6d204b924f41d049264b4c
98 lines
2.4 KiB
Plaintext
98 lines
2.4 KiB
Plaintext
base/initscripts
|
|
base/setup
|
|
base/dhcp
|
|
base/linuxptp
|
|
base/openssh
|
|
config/facter
|
|
virt/qemu
|
|
python/python-setuptools
|
|
virt/libvirt
|
|
virt/libvirt-python
|
|
base/lighttpd
|
|
networking/python-ryu
|
|
python/python-voluptuous
|
|
networking/lldpd
|
|
logging/logrotate
|
|
security/shim-unsigned
|
|
security/shim-signed
|
|
base/sudo
|
|
virt/cloud-init
|
|
base/watchdog
|
|
ldap/openldap
|
|
networking/openvswitch
|
|
base/libevent
|
|
security/tss2
|
|
security/tpm2-tools
|
|
security/libtpms
|
|
security/spectre-meltdown-checker
|
|
config/puppet-4.8.2
|
|
config/puppet-modules/puppet-boolean-1.0.2
|
|
config/puppet-modules/puppet-create_resources
|
|
config/puppet-modules/puppet-dnsmasq
|
|
config/puppet-modules/puppet-drbd-0.3.1
|
|
config/puppet-modules/puppet-filemapper
|
|
config/puppet-modules/puppet-haproxy-1.5.0
|
|
config/puppet-modules/puppet-ldap
|
|
config/puppet-modules/puppet-lvm
|
|
config/puppet-modules/puppet-network
|
|
config/puppet-modules/puppet-nslcd
|
|
config/puppet-modules/puppet-postgresql-4.8.0
|
|
config/puppet-modules/puppet-puppi
|
|
config/puppet-modules/puppet-rabbitmq-5.5.0
|
|
config/puppet-modules/puppet-staging
|
|
config/puppet-modules/puppet-stdlib-4.12.0
|
|
config/puppet-modules/openstack/puppet-ceph-2.2.0
|
|
config/puppet-modules/openstack/puppet-horizon-9.5.0
|
|
config/puppet-modules/openstack/puppet-keystone-11.3.0
|
|
config/puppet-modules/openstack/puppet-openstacklib-11.3.0
|
|
config/puppet-modules/openstack/puppet-oslo-11.3.0
|
|
base/systemd
|
|
storage-drivers/python-3parclient
|
|
storage-drivers/python-lefthandclient
|
|
storage-drivers/trident-installer
|
|
security/tboot
|
|
docker/python-docker
|
|
kubernetes/containerd
|
|
kubernetes/cni/plugins
|
|
kubernetes/kubernetes-1.18.1
|
|
kubernetes/kubernetes-1.19.13
|
|
kubernetes/kubernetes-1.20.9
|
|
kubernetes/kubernetes-1.21.3
|
|
kubernetes/kubernetes-unversioned
|
|
kubernetes/docker-distribution
|
|
kubernetes/etcd
|
|
kubernetes/helm
|
|
kubernetes/chartmuseum
|
|
kubernetes/armada-helm-toolkit
|
|
kubernetes/armada
|
|
kubernetes/k8s-pod-recovery
|
|
kubernetes/k8s-cni-cache-cleanup
|
|
kubernetes/plugins/isolcpus-device-plugin
|
|
python/python-kubernetes
|
|
grub/grubby
|
|
base/dpkg
|
|
base/cluster-resource-agents
|
|
base/libfdt
|
|
base/haproxy
|
|
base/ntp
|
|
ldap/ldapscripts
|
|
networking/net-tools
|
|
filesystem/drbd/drbd-tools
|
|
database/mariadb
|
|
database/python-psycopg2
|
|
base/dnsmasq
|
|
filesystem/parted
|
|
security/python-keyring
|
|
grub/grub2
|
|
ceph/ceph
|
|
bmc/Redfishtool
|
|
virt/kvm-timer-advance
|
|
requests-toolbelt
|
|
python/python-mechanize
|
|
python/python-html5lib
|
|
python/python-webencodings
|
|
python/python-daemon
|
|
base/inih
|
|
base/pf-bb-config
|
|
gpu/gpu-operator
|