872dd513fc
Multiple versions of kubernetes are required to support upgrade. This adds staged version of kubernetes 1.21.3, built with a specific version of golang. All subpackage versions are included in the iso image without collisions. The following patches are ported to specific kubernetes version: kubelet-cpumanager-disable-CFS-quota-throttling-for-.patch kubelet-cpumanager-keep-normal-containers-off-reserv.patch kubelet-cpumanager-infrastructure-pods-use-system-re.patch kubelet-cpumanager-introduce-concept-of-isolated-CPU.patch kubeadm-create-platform-pods-with-zero-CPU-resources.patch enable-support-for-kubernetes-to-ignore-isolcpus.patch The following changes were made for 1.21.3: - following upstream commit was reverted: Revert-use-subpath-for-coredns-only-for-default-repo.patch - kubelet-cpumanager-disable-CFS-quota-throttling-for-.patch was refactored due to new internal_container_lifecycle framework We leverage the same mechanism to set Linux resources as: cpu manager: specify the container CPU set during the creation (commit 38dc7509f862f081828e7d9167107b8c6e98ea23). - kubelet-cpumanager-introduce-concept-of-isolated-CPU.patch was refactored due to upstream API change: node: podresources: make GetDevices() consistent (commit ad68f9588c72d6477b5a290c548a9031063ac659). The routine podIsolCPUs() was refactored in 1.21.3 since the API p.deviceManager.GetDevices() is returning multiple devices with a device per cpu. The resultant cpuset needs to be the aggregate. Story: 2008972 Task: 43056 Signed-off-by: Jim Gauld <james.gauld@windriver.com> Change-Id: I5ba7ff2e6aebb744af265698c0f90256ac5e70f4
80 lines
2.9 KiB
Diff
80 lines
2.9 KiB
Diff
From a0011e7749f7e54d3f1a689e717ded88e284860f Mon Sep 17 00:00:00 2001
|
|
From: Chris Friesen <chris.friesen@windriver.com>
|
|
Date: Fri, 23 Oct 2020 17:46:10 -0600
|
|
Subject: [PATCH 6/7] enable support for kubernetes to ignore isolcpus
|
|
|
|
The normal mechanisms for allocating isolated CPUs do not allow
|
|
a mix of isolated and exclusive CPUs in the same container. In
|
|
order to allow this in *very* limited cases where the pod spec
|
|
is known in advance we will add the ability to disable the normal
|
|
isolcpus behaviour.
|
|
|
|
If the file "/etc/kubernetes/ignore_isolcpus" exists, then kubelet
|
|
will basically forget everything it knows about isolcpus and just
|
|
treat them like regular CPUs.
|
|
|
|
The admin user can then rely on the fact that CPU allocation is
|
|
deterministic to ensure that the isolcpus they configure end up being
|
|
allocated to the correct pods.
|
|
---
|
|
pkg/kubelet/cm/cpumanager/cpu_manager.go | 9 +++++++++
|
|
pkg/kubelet/cm/cpumanager/policy_static.go | 8 ++++++++
|
|
2 files changed, 17 insertions(+)
|
|
|
|
diff --git a/pkg/kubelet/cm/cpumanager/cpu_manager.go b/pkg/kubelet/cm/cpumanager/cpu_manager.go
|
|
index 2563f61e7b5..1b226187fef 100644
|
|
--- a/pkg/kubelet/cm/cpumanager/cpu_manager.go
|
|
+++ b/pkg/kubelet/cm/cpumanager/cpu_manager.go
|
|
@@ -19,6 +19,7 @@ package cpumanager
|
|
import (
|
|
"fmt"
|
|
"math"
|
|
+ "os"
|
|
"sync"
|
|
"time"
|
|
"strings"
|
|
@@ -55,6 +56,14 @@ const cpuManagerStateFileName = "cpu_manager_state"
|
|
|
|
// get the system-level isolated CPUs
|
|
func getIsolcpus() cpuset.CPUSet {
|
|
+
|
|
+ // This is a gross hack to basically turn off awareness of isolcpus to enable
|
|
+ // isolated cpus to be allocated to pods the same way as non-isolated CPUs.
|
|
+ if _, err := os.Stat("/etc/kubernetes/ignore_isolcpus"); err == nil {
|
|
+ klog.Infof("[cpumanager] turning off isolcpus awareness")
|
|
+ return cpuset.NewCPUSet()
|
|
+ }
|
|
+
|
|
dat, err := ioutil.ReadFile("/sys/devices/system/cpu/isolated")
|
|
if err != nil {
|
|
klog.Errorf("[cpumanager] unable to read sysfs isolcpus subdir")
|
|
diff --git a/pkg/kubelet/cm/cpumanager/policy_static.go b/pkg/kubelet/cm/cpumanager/policy_static.go
|
|
index 2ad14a98911..73b74d5c4cc 100644
|
|
--- a/pkg/kubelet/cm/cpumanager/policy_static.go
|
|
+++ b/pkg/kubelet/cm/cpumanager/policy_static.go
|
|
@@ -18,6 +18,7 @@ package cpumanager
|
|
|
|
import (
|
|
"fmt"
|
|
+ "os"
|
|
"strconv"
|
|
|
|
v1 "k8s.io/api/core/v1"
|
|
@@ -613,6 +614,13 @@ func isKubeInfra(pod *v1.Pod) bool {
|
|
|
|
// get the isolated CPUs (if any) from the devices associated with a specific container
|
|
func (p *staticPolicy) podIsolCPUs(pod *v1.Pod, container *v1.Container) cpuset.CPUSet {
|
|
+
|
|
+ // This is a gross hack to basically turn off awareness of isolcpus to enable
|
|
+ // isolated cpus to be allocated to pods the same way as non-isolated CPUs.
|
|
+ if _, err := os.Stat("/etc/kubernetes/ignore_isolcpus"); err == nil {
|
|
+ return cpuset.NewCPUSet()
|
|
+ }
|
|
+
|
|
// NOTE: This is required for TestStaticPolicyAdd() since makePod() does
|
|
// not create UID. We also need a way to properly stub devicemanager.
|
|
if len(string(pod.UID)) == 0 {
|
|
--
|
|
2.17.1
|
|
|