Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

support pids cgroup #76

Merged
merged 1 commit into from
Aug 6, 2024
Merged

support pids cgroup #76

merged 1 commit into from
Aug 6, 2024

Conversation

yylt
Copy link
Contributor

@yylt yylt commented Apr 8, 2024

Fix #75

@klihub
Copy link
Member

klihub commented Apr 8, 2024

@yylt: Do you have a use case for this ? I mean, AFAICT this PR tries to add cgroup v1 support for something that we already should support for cgroup v2 using LinuxResources.Unified["pids.max"]. Also, this PR only adds the placeholder for the cgroup v1 max pids setting in the wire protocol. It does not implement doing anything with the actual value if it happens to be set.

We have been trying for a while now to avoid adding anything new cgroup v1-specific bits to NRI.

@yylt
Copy link
Contributor Author

yylt commented Apr 8, 2024

There are still many distributions, like Rocky Linux 8, kylin linux , and the Rocky Linux 8 uses the 4.18 kernel. Since cgroup v2 recommends a kernel version higher than 5.2, I think it's still necessary to add support for the v1 version of cgroups.

Additional, maybe nri should follow the OCI runtime spec more closely. If the runtime spec doesn't support a specific cgroup, then nri should remove or not add it

@mikebrow
Copy link
Member

There are still many distributions, like Rocky Linux 8, kylin linux , and the Rocky Linux 8 uses the 4.18 kernel. Since cgroup v2 recommends a kernel version higher than 5.2, I think it's still necessary to add support for the v1 version of cgroups.

Additional, maybe nri should follow the OCI runtime spec more closely. If the runtime spec doesn't support a specific cgroup, then nri should remove or not add it

Just adding a note here regarding possibility of v2 to v1 conversions ..

https://github.com/opencontainers/runtime-spec/blob/main/config-linux.md#example-12

see example ^ and description: "If a controller is enabled on the cgroup v2 hierarchy but the configuration is provided for the cgroup v1 equivalent controller, the runtime MAY attempt a conversion."

@AkihiroSuda thoughts? Should we be enabling both v1 and v2/unified and exposing the runtime meta at this plugin layer... or push the NRI plugins to cgroupv2 and do any nec. conversions either in CRI/shim or runtime?

AkihiroSuda
AkihiroSuda approved these changes Apr 23, 2024
View reviewed changes
Copy link
Member

@AkihiroSuda AkihiroSuda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have been converting memory and cpu, so converting pids SGTM

@klihub klihub self-requested a review July 11, 2024 07:58
@klihub
Copy link
Member

klihub commented Jul 11, 2024

@yylt IMO, for making this really usable and getting it merged, IMO we'd need to put in a few more missing details:

  • pkg/api: add ContainerAdjustment setter, probably SetLinuxPidLimits(int64)
  • pkg/adaptation: add collection, conflict detection and other handling for the new pid limits to result
  • pkg/runtime-tools/generate: implement pid limit adjustment in the OCI Spec in Generator.AdjustResources()
  • pkg/runtime-tools/generate(/generate_suite_test.go:"Adjustment" ginkgo test case): preferably also add a test case here for the new functionality

The currently open PR #94 can be used as a very good example of a similar functional addition in full detail.

klihub
klihub requested changes Jul 11, 2024
View reviewed changes
Copy link
Member

@klihub klihub left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

There are a few remaining bits missing for this to become really useful and mergeable. PR #94, which adds similar functionality for OOM Score adjustment, can be used as an example/template on what needs to be done.

@yylt
Copy link
Contributor Author

yylt commented Jul 11, 2024

@klihub , thank you response. If the PID can be modified by NRI, the remaining parts will be improved accordingly.

@yylt
Copy link
Contributor Author

yylt commented Jul 12, 2024

There are a few remaining bits missing for this to become really useful and mergeable. PR #94, which adds similar functionality for OOM Score adjustment, can be used as an example/template on what needs to be done.

Done

klihub
klihub reviewed Jul 19, 2024
View reviewed changes
pkg/api/update.go Outdated Show resolved Hide resolved
@yylt
support pids cgroup
1719502 
Signed-off-by: Yang Yang <[email protected]>
mikebrow
mikebrow approved these changes Aug 1, 2024
View reviewed changes
Copy link
Member

@mikebrow mikebrow left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM with the open issue of adding a v2 to v1 conversion ... helper

@mikebrow mikebrow added this to the 1.0 milestone Aug 1, 2024
@yylt
Copy link
Contributor Author

yylt commented Aug 2, 2024

have been converting memory and cpu

sorry, I didn't quite understand the part about 'have been converting memory and CPU.' I haven't seen any related program in cri / runc.

Could you provide some examples?

@mikebrow
Copy link
Member

mikebrow commented Aug 2, 2024

have been converting memory and cpu

sorry, I didn't quite understand the part about 'have been converting memory and CPU.' I haven't seen any related program in cri / runc.

Could you provide some examples?

Will let @AkihiroSuda chime in :) But I believe this is an example: https://github.com/opencontainers/runc/blob/ad5b481dace5cda8ca7c659b7717a15517333198/libcontainer/cgroups/utils_test.go#L541-L634

@yylt
Copy link
Contributor Author

yylt commented Aug 5, 2024

have been converting memory and cpu

sorry, I didn't quite understand the part about 'have been converting memory and CPU.' I haven't seen any related program in cri / runc.
Could you provide some examples?

Will let @AkihiroSuda chime in :) But I believe this is an example: https://github.com/opencontainers/runc/blob/ad5b481dace5cda8ca7c659b7717a15517333198/libcontainer/cgroups/utils_test.go#L541-L634

In the examples, the focus is on the conversion from v1 to v2, primarily due to the addition of new fields or changes in the meaning in v2, necessitating the conversion.

Currently, the pids only has a single limit setting (type u64), without any changes in meaning or new fields being added, so there are no any need changed here?

Regarding the conversion from v2 to v1, it appears that this was initially prevented from the outset in v1, as seen in https://github.com/opencontainers/runc/blob/ad5b481dace5cda8ca7c659b7717a15517333198/libcontainer/cgroups/fs/fs.go#L175.

If there are any issues or corrections needed, please feel free to point them out. Thank you.

@mikebrow mikebrow merged commit a09d0ae into containerd:main Aug 6, 2024
8 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mikebrow mikebrow mikebrow approved these changes

@AkihiroSuda AkihiroSuda AkihiroSuda approved these changes

@klihub klihub klihub approved these changes

Assignees
No one assigned
Labels
v1.0 required
Projects
None yet
Milestone
1.0
Development

Successfully merging this pull request may close these issues.

Support pid cgroup control in plugin
4 participants
@yylt @klihub @mikebrow @AkihiroSuda